Vulnerabilities > Netapp > FAS AFF Bios > Medium

DATE CVE VULNERABILITY TITLE RISK
2022-05-12 CVE-2021-33117 Improper access control for some 3rd Generation Intel(R) Xeon(R) Scalable Processors before BIOS version MR7, may allow a local attacker to potentially enable information disclosure via local access.
local
low complexity
intel netapp
5.5
2022-02-09 CVE-2021-0092 Resource Exhaustion vulnerability in multiple products
Improper access control in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable a denial of service via local access.
local
low complexity
intel netapp CWE-400
4.4
2022-02-09 CVE-2021-0093 Incorrect Default Permissions vulnerability in multiple products
Incorrect default permissions in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable a denial of service via local access.
local
low complexity
intel netapp CWE-276
4.4
2022-02-09 CVE-2021-0103 Insufficient control flow management in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable an escalation of privilege via local access.
local
low complexity
intel netapp
6.7
2022-02-09 CVE-2021-0107 Unchecked Return Value vulnerability in multiple products
Unchecked return value in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.
local
low complexity
intel netapp CWE-252
6.7
2022-02-09 CVE-2021-0111 NULL Pointer Dereference vulnerability in multiple products
NULL pointer dereference in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable an escalation of privilege via local access.
local
low complexity
intel netapp CWE-476
6.7
2022-02-09 CVE-2021-0115 Classic Buffer Overflow vulnerability in multiple products
Buffer overflow in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.
local
low complexity
intel netapp CWE-120
6.7
2022-02-09 CVE-2021-0118 Out-of-bounds Read vulnerability in multiple products
Out-of-bounds read in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable an escalation of privilege via local access.
local
low complexity
netapp intel CWE-125
6.7
2022-02-09 CVE-2021-0119 Improper Initialization vulnerability in multiple products
Improper initialization in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via physical access.
low complexity
netapp intel CWE-665
6.2
2022-02-09 CVE-2021-0124 Improper access control in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via physical access.
low complexity
netapp intel
6.6