Vulnerabilities > Netapp > Ontap Select Deploy Administration Utility > Critical

DATE CVE VULNERABILITY TITLE RISK
2019-09-24 CVE-2019-5504 Missing Authentication for Critical Function vulnerability in Netapp Ontap Select Deploy Administration Utility 2.12/2.12.1
ONTAP Select Deploy administration utility versions 2.12 & 2.12.1 ship with an HTTP service bound to the network allowing unauthenticated remote attackers to perform administrative actions.
network
low complexity
netapp CWE-306
critical
 9.8
9.8
2019-09-24 CVE-2019-5505 Insufficiently Protected Credentials vulnerability in Netapp Ontap Select Deploy Administration Utility
ONTAP Select Deploy administration utility versions 2.2 through 2.12.1 transmit credentials in plaintext.
network
low complexity
netapp CWE-522
critical
 9.8
9.8
2019-03-25 CVE-2019-3860 Out-of-bounds Read vulnerability in multiple products
An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the way SFTP packets with empty payloads are parsed.
network
low complexity
libssh2 debian netapp opensuse CWE-125
critical
 9.1
9.1
2019-03-25 CVE-2019-3861 Out-of-bounds Read vulnerability in multiple products
An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the way SSH packets with a padding length value greater than the packet length are parsed.
network
low complexity
libssh2 debian netapp opensuse CWE-125
critical
 9.1
9.1
2019-03-21 CVE-2019-3858 Out-of-bounds Read vulnerability in multiple products
An out of bounds read flaw was discovered in libssh2 before 1.8.1 when a specially crafted SFTP packet is received from the server.
network
low complexity
libssh2 fedoraproject debian netapp opensuse CWE-125
critical
 9.1
9.1
2019-03-21 CVE-2019-3859 Out-of-bounds Read vulnerability in multiple products
An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the _libssh2_packet_require and _libssh2_packet_requirev functions.
network
low complexity
libssh2 fedoraproject debian netapp opensuse CWE-125
critical
 9.1
9.1
2019-03-21 CVE-2019-3862 Out-of-bounds Read vulnerability in multiple products
An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the way SSH_MSG_CHANNEL_REQUEST packets with an exit status message and no payload are parsed.
network
low complexity
libssh2 fedoraproject debian netapp opensuse CWE-125
critical
 9.1
9.1
2019-02-26 CVE-2019-9169 Out-of-bounds Read vulnerability in multiple products
In the GNU C Library (aka glibc or libc6) through 2.29, proceed_next_node in posix/regexec.c has a heap-based buffer over-read via an attempted case-insensitive regular-expression match.
network
low complexity
gnu netapp mcafee canonical CWE-125
critical
 9.8
9.8