Vulnerabilities > Netapp > FAS AFF Bios

DATE CVE VULNERABILITY TITLE RISK
2022-02-09 CVE-2021-0117 Pointer issues in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable an escalation of privilege via local access.
local
low complexity
netapp intel
7.8
2022-02-09 CVE-2021-0118 Out-of-bounds Read vulnerability in multiple products
Out-of-bounds read in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable an escalation of privilege via local access.
local
low complexity
netapp intel CWE-125
6.7
2022-02-09 CVE-2021-0119 Improper Initialization vulnerability in multiple products
Improper initialization in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via physical access.
low complexity
netapp intel CWE-665
6.2
2022-02-09 CVE-2021-0124 Improper access control in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via physical access.
low complexity
netapp intel
6.6
2022-02-09 CVE-2021-0125 Improper Initialization vulnerability in multiple products
Improper initialization in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via physical access.
low complexity
netapp intel CWE-665
6.6
2022-02-09 CVE-2021-0145 Improper Initialization vulnerability in multiple products
Improper initialization of shared resources in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
local
low complexity
netapp intel CWE-665
5.5
2022-02-09 CVE-2021-0156 Improper Input Validation vulnerability in multiple products
Improper input validation in the firmware for some Intel(R) Processors may allow an authenticated user to potentially enable an escalation of privilege via local access.
local
low complexity
netapp intel CWE-20
7.8
2022-02-03 CVE-2021-33625 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
An issue was discovered in Kernel 5.x in Insyde InsydeH2O, affecting HddPassword.
local
high complexity
insyde netapp siemens CWE-119
7.5
2021-06-09 CVE-2020-24511 Exposure of Resource to Wrong Sphere vulnerability in multiple products
Improper isolation of shared resources in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
local
low complexity
intel debian netapp CWE-668
6.5
2021-06-09 CVE-2020-24512 Information Exposure Through Discrepancy vulnerability in multiple products
Observable timing discrepancy in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
local
low complexity
intel debian netapp CWE-203
3.3