Vulnerabilities > Netapp > Ontap Select Deploy Administration Utility

DATE CVE VULNERABILITY TITLE RISK
2019-12-09 CVE-2019-19646 Improper Check for Unusual or Exceptional Conditions vulnerability in multiple products
pragma.c in SQLite through 3.30.1 mishandles NOT NULL in an integrity_check PRAGMA command in certain cases of generated columns.
network
low complexity
sqlite siemens tenable oracle netapp CWE-754
7.5
2019-12-09 CVE-2019-19603 SQLite 3.30.1 mishandles certain SELECT statements with a nonexistent VIEW, leading to an application crash.
network
low complexity
sqlite oracle siemens apache netapp
7.5
2019-12-09 CVE-2019-19645 Uncontrolled Recursion vulnerability in multiple products
alter.c in SQLite through 3.30.1 allows attackers to trigger infinite recursion via certain types of self-referential views in conjunction with ALTER TABLE statements.
local
low complexity
sqlite netapp oracle tenable siemens CWE-674
2.1
2019-12-05 CVE-2019-19317 Incorrect Conversion between Numeric Types vulnerability in multiple products
lookupName in resolve.c in SQLite 3.30.1 omits bits from the colUsed bitmask in the case of a generated column, which allows attackers to cause a denial of service or possibly have unspecified other impact.
network
low complexity
sqlite netapp oracle siemens CWE-681
7.5
2019-11-21 CVE-2019-5509 Code Injection vulnerability in Netapp Ontap Select Deploy Administration Utility
ONTAP Select Deploy administration utility versions 2.11.2 through 2.12.2 are susceptible to a code injection vulnerability which when successfully exploited could allow an unauthenticated remote attacker to enable and use a privileged user account.
network
low complexity
netapp CWE-94
7.5
2019-11-21 CVE-2019-17272 Improper Input Validation vulnerability in Netapp Ontap Select Deploy Administration Utility
All versions of ONTAP Select Deploy administration utility are susceptible to a vulnerability which when successfully exploited could allow an administrative user to escalate their privileges.
network
low complexity
netapp CWE-20
6.5
2019-10-21 CVE-2019-17498 Integer Overflow or Wraparound vulnerability in multiple products
In libssh2 v1.9.0 and earlier versions, the SSH_MSG_DISCONNECT logic in packet.c has an integer overflow in a bounds check, enabling an attacker to specify an arbitrary (out-of-bounds) offset for a subsequent memory read.
8.1
2019-09-24 CVE-2019-5505 Insufficiently Protected Credentials vulnerability in Netapp Ontap Select Deploy Administration Utility
ONTAP Select Deploy administration utility versions 2.2 through 2.12.1 transmit credentials in plaintext.
network
low complexity
netapp CWE-522
5.0
2019-09-24 CVE-2019-5504 Improper Input Validation vulnerability in Netapp Ontap Select Deploy Administration Utility 2.12/2.12.1
ONTAP Select Deploy administration utility versions 2.12 & 2.12.1 ship with an HTTP service bound to the network allowing unauthenticated remote attackers to perform administrative actions.
network
low complexity
netapp CWE-20
7.5
2019-09-09 CVE-2019-16168 Divide By Zero vulnerability in multiple products
In SQLite through 3.29.0, whereLoopAddBtreeIndex in sqlite3.c can crash a browser or other application because of missing validation of a sqlite_stat1 sz field, aka a "severe division by zero in the query planner."
6.5