Vulnerabilities > Netapp > Fabric Attached Storage A400 Firmware > Medium

DATE CVE VULNERABILITY TITLE RISK
2022-05-03 CVE-2022-1343 Improper Certificate Validation vulnerability in multiple products
The function `OCSP_basic_verify` verifies the signer certificate on an OCSP response.
network
low complexity
openssl netapp CWE-295
5.3
2022-05-03 CVE-2022-1434 Use of a Broken or Risky Cryptographic Algorithm vulnerability in multiple products
The OpenSSL 3.0 implementation of the RC4-MD5 ciphersuite incorrectly uses the AAD data as the MAC key.
network
high complexity
openssl netapp CWE-327
5.9
2021-06-07 CVE-2019-25045 Use After Free vulnerability in multiple products
An issue was discovered in the Linux kernel before 5.0.19.
local
low complexity
linux netapp CWE-416
4.6
2020-11-23 CVE-2020-15436 Use After Free vulnerability in multiple products
Use-after-free vulnerability in fs/block_dev.c in the Linux kernel before 5.8 allows local users to gain privileges or cause a denial of service by leveraging improper access to a certain error field.
local
low complexity
linux broadcom netapp CWE-416
6.7
2020-04-17 CVE-2020-11868 Origin Validation Error vulnerability in multiple products
ntpd in ntp before 4.2.8p14 and 4.3.x before 4.3.100 allows an off-path attacker to block unauthenticated synchronization via a server mode packet with a spoofed source IP address, because transmissions are rescheduled even when a packet lacks a valid origin timestamp.
network
low complexity
ntp redhat netapp debian opensuse CWE-346
5.0