Vulnerabilities > Netapp > E Series Santricity OS Controller > 11.40.5

DATE CVE VULNERABILITY TITLE RISK
2023-04-18 CVE-2023-26049 Information Exposure vulnerability in multiple products
Jetty is a java based web server and servlet engine.
network
low complexity
eclipse debian netapp CWE-200
5.3
2022-10-18 CVE-2022-21618 Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JGSS).
network
low complexity
oracle fedoraproject netapp azul
5.3
2022-10-18 CVE-2022-21619 Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Security).
network
high complexity
oracle fedoraproject netapp azul
3.7
2022-10-18 CVE-2022-21624 Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JNDI).
network
high complexity
oracle fedoraproject netapp azul
3.7
2022-10-18 CVE-2022-21626 Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Security).
network
low complexity
oracle fedoraproject netapp azul
5.3
2022-10-18 CVE-2022-21628 Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Lightweight HTTP Server).
network
low complexity
oracle fedoraproject netapp azul
5.3
2022-10-18 CVE-2022-39399 Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Networking).
network
high complexity
oracle fedoraproject netapp azul
3.7
2022-07-27 CVE-2022-36879 An issue was discovered in the Linux kernel through 5.18.14.
local
low complexity
linux debian netapp
5.5
2022-06-02 CVE-2022-23236 Cleartext Storage of Sensitive Information vulnerability in Netapp E-Series Santricity OS Controller
E-Series SANtricity OS Controller Software versions 11.40 through 11.70.2 store the LDAP BIND password in plaintext within a file accessible only to privileged users.
local
low complexity
netapp CWE-312
2.1
2022-06-02 CVE-2022-23237 Open Redirect vulnerability in Netapp E-Series Santricity OS Controller
E-Series SANtricity OS Controller Software 11.x versions through 11.70.2 are vulnerable to host header injection attacks that could allow an attacker to redirect users to malicious websites.
network
netapp CWE-601
5.8