Vulnerabilities > Netapp > Data Ontap

DATE CVE VULNERABILITY TITLE RISK
2021-03-04 CVE-2021-26989 Unspecified vulnerability in Netapp Data Ontap
Clustered Data ONTAP versions prior to 9.3P21, 9.5P16, 9.6P12, 9.7P9 and 9.8 are susceptible to a vulnerability which could allow a remote authenticated attacker to cause a Denial of Service (DoS) on clustered Data ONTAP configured for SMB access.
network
low complexity
netapp
6.5
2021-03-04 CVE-2021-26988 Missing Authorization vulnerability in Netapp Data Ontap
Clustered Data ONTAP versions prior to 9.3P21, 9.5P16, 9.6P12, 9.7P8 and 9.8 are susceptible to a vulnerability which could allow unauthorized tenant users to discover information related to converting a 7-Mode directory to Cluster-mode such as Storage Virtual Machine (SVM) names, volume names, directory paths and Job IDs.
low complexity
netapp CWE-862
3.5
2020-12-08 CVE-2020-1971 NULL Pointer Dereference vulnerability in multiple products
The X.509 GeneralName type is a generic type for representing different types of names.
5.9
2020-06-04 CVE-2020-13817 Use of Insufficiently Random Values vulnerability in multiple products
ntpd in ntp before 4.2.8p14 and 4.3.x before 4.3.100 allows remote attackers to cause a denial of service (daemon exit or system time change) by predicting transmit timestamps for use in spoofed packets.
network
high complexity
ntp netapp opensuse fujitsu CWE-330
7.4
2020-04-17 CVE-2020-11868 Origin Validation Error vulnerability in multiple products
ntpd in ntp before 4.2.8p14 and 4.3.x before 4.3.100 allows an off-path attacker to block unauthenticated synchronization via a server mode packet with a spoofed source IP address, because transmissions are rescheduled even when a packet lacks a valid origin timestamp.
network
low complexity
ntp redhat netapp debian opensuse CWE-346
7.5
2019-08-05 CVE-2019-5502 Use of a Broken or Risky Cryptographic Algorithm vulnerability in Netapp Data Ontap
SMB in Data ONTAP operating in 7-Mode versions prior to 8.2.5P3 has weak cryptography which when exploited could lead to information disclosure or addition or modification of data.
network
low complexity
netapp CWE-327
critical
9.1
2019-08-02 CVE-2019-5501 Unspecified vulnerability in Netapp Data Ontap
Data ONTAP operating in 7-Mode versions prior to 8.2.5P3 may disclose sensitive LDAP account information to unauthenticated remote attackers.
network
low complexity
netapp
7.5
2019-08-02 CVE-2019-5493 Unspecified vulnerability in Netapp Data Ontap
Data ONTAP operating in 7-Mode versions prior to 8.2.5P3 are susceptible to a vulnerability which discloses information to an unauthenticated attacker.
network
low complexity
netapp
7.5
2019-05-15 CVE-2019-8936 NULL Pointer Dereference vulnerability in multiple products
NTP through 4.2.8p12 has a NULL Pointer Dereference.
network
low complexity
netapp fedoraproject opensuse hpe ntp CWE-476
7.5
2018-12-04 CVE-2018-5496 Information Exposure vulnerability in Netapp Data Ontap
Data ONTAP operating in 7-Mode versions prior to 8.2.5P2 are susceptible to a vulnerability which discloses sensitive information to an unauthorized user.
local
low complexity
netapp CWE-200
4.4