Vulnerabilities > Netapp > E Series Santricity OS Controller

DATE CVE VULNERABILITY TITLE RISK
2021-02-02 CVE-2021-21285 Improper Check for Unusual or Exceptional Conditions vulnerability in multiple products
In Docker before versions 9.03.15, 20.10.3 there is a vulnerability in which pulling an intentionally malformed Docker image manifest crashes the dockerd daemon.
network
low complexity
docker debian netapp CWE-754
6.5
2021-02-02 CVE-2021-21284 Path Traversal vulnerability in multiple products
In Docker before versions 9.03.15, 20.10.3 there is a vulnerability involving the --userns-remap option in which access to remapped root allows privilege escalation to real root.
low complexity
docker debian netapp CWE-22
2.7
2021-01-27 CVE-2021-3326 Reachable Assertion vulnerability in multiple products
The iconv function in the GNU C Library (aka glibc or libc6) 2.32 and earlier, when processing invalid input sequences in the ISO-2022-JP-3 encoding, fails an assertion in the code path and aborts the program, potentially resulting in a denial of service.
network
low complexity
gnu netapp oracle fujitsu debian CWE-617
7.5
2020-12-08 CVE-2020-1971 NULL Pointer Dereference vulnerability in multiple products
The X.509 GeneralName type is a generic type for representing different types of names.
5.9
2020-12-04 CVE-2020-29562 Reachable Assertion vulnerability in multiple products
The iconv function in the GNU C Library (aka glibc or libc6) 2.30 to 2.32, when converting UCS4 text containing an irreversible character, fails an assertion in the code path and aborts the program, potentially resulting in a denial of service.
network
high complexity
gnu fedoraproject netapp CWE-617
4.8
2020-11-06 CVE-2020-8577 Unspecified vulnerability in Netapp E-Series Santricity OS Controller
SANtricity OS Controller Software versions 11.50.1 and higher are susceptible to a vulnerability which could allow an attacker to discover sensitive information by intercepting its transmission within an https session.
network
netapp
4.3
2020-11-06 CVE-2020-8580 Unspecified vulnerability in Netapp E-Series Santricity OS Controller
SANtricity OS Controller Software versions 11.30 and higher are susceptible to a vulnerability which allows an unauthenticated attacker with access to the system to cause a Denial of Service (DoS).
network
low complexity
netapp
5.0
2020-10-21 CVE-2020-14803 Vulnerability in the Java SE product of Oracle Java SE (component: Libraries).
network
low complexity
oracle netapp debian opensuse
5.0
2020-10-21 CVE-2020-14798 Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries).
network
high complexity
oracle netapp debian opensuse
2.6
2020-10-21 CVE-2020-14797 Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries). 4.3