Vulnerabilities > Netapp > E Series Performance Analyzer > Medium

DATE CVE VULNERABILITY TITLE RISK
2022-02-08 CVE-2022-21713 Authorization Bypass Through User-Controlled Key vulnerability in multiple products
Grafana is an open-source platform for monitoring and observability.
network
low complexity
grafana netapp fedoraproject CWE-639
4.3
2022-02-08 CVE-2022-21702 Cross-site Scripting vulnerability in multiple products
Grafana is an open-source platform for monitoring and observability.
network
low complexity
grafana netapp fedoraproject CWE-79
5.4
2021-05-25 CVE-2021-32640 Resource Exhaustion vulnerability in multiple products
ws is an open source WebSocket client and server library for Node.js.
network
low complexity
ws-project netapp CWE-400
5.3
2021-04-01 CVE-2021-28164 In Eclipse Jetty 9.4.37.v20210219 to 9.4.38.v20210224, the default compliance mode allows requests with URIs that contain %2e or %2e%2e segments to access protected resources within the WEB-INF directory.
network
low complexity
eclipse netapp oracle
5.3
2021-03-25 CVE-2021-3449 NULL Pointer Dereference vulnerability in multiple products
An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client.
5.9
2020-07-27 CVE-2020-11110 Cross-site Scripting vulnerability in multiple products
Grafana through 6.7.1 allows stored XSS due to insufficient input protection in the originalUrl field, which allows an attacker to inject JavaScript code that will be executed after clicking on Open Original Dashboard after visiting the snapshot.
network
low complexity
grafana netapp CWE-79
5.4
2020-04-15 CVE-2020-2830 Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Concurrency). 5.3
2020-04-15 CVE-2020-2800 Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Lightweight HTTP Server). 4.8
2020-04-15 CVE-2020-2781 Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: JSSE). 5.3
2020-04-15 CVE-2020-2767 Vulnerability in the Java SE product of Oracle Java SE (component: JSSE).
network
high complexity
oracle netapp debian canonical opensuse
4.8