Vulnerabilities > Netapp > FAS AFF Bios
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-02-09 | CVE-2021-0117 | Pointer issues in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable an escalation of privilege via local access. | 4.6 |
| 2022-02-09 | CVE-2021-0118 | Out-of-bounds Read vulnerability in multiple products Out-of-bounds read in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable an escalation of privilege via local access. | 4.6 |
| 2022-02-09 | CVE-2021-0119 | Improper Initialization vulnerability in multiple products Improper initialization in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via physical access. | 4.6 |
| 2022-02-09 | CVE-2021-0124 | Improper access control in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via physical access. | 4.6 |
| 2022-02-09 | CVE-2021-0125 | Improper Initialization vulnerability in multiple products Improper initialization in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via physical access. | 4.6 |
| 2022-02-09 | CVE-2021-0145 | Improper Initialization vulnerability in multiple products Improper initialization of shared resources in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. | 2.1 |
| 2022-02-09 | CVE-2021-0156 | Improper Input Validation vulnerability in multiple products Improper input validation in the firmware for some Intel(R) Processors may allow an authenticated user to potentially enable an escalation of privilege via local access. | 4.6 |
| 2022-02-03 | CVE-2021-33625 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products An issue was discovered in Kernel 5.x in Insyde InsydeH2O, affecting HddPassword. | 6.9 |
| 2021-06-09 | CVE-2020-24511 | Exposure of Resource to Wrong Sphere vulnerability in multiple products Improper isolation of shared resources in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. | 2.1 |
| 2021-06-09 | CVE-2020-24512 | Information Exposure Through Discrepancy vulnerability in multiple products Observable timing discrepancy in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. | 2.1 |