Vulnerabilities > Netapp
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-02-26 | CVE-2023-30996 | IBM Cognos Analytics 11.1.7, 11.2.4, and 12.0.0 could be vulnerable to information leakage due to unverified sources in messages sent between Windows objects of different origins. | 5.3 |
2024-02-26 | CVE-2023-32344 | IBM Cognos Analytics 11.1.7, 11.2.4, and 12.0.0 is vulnerable to form action hijacking where it is possible to modify the form action to reference an arbitrary path. | 4.3 |
2024-02-26 | CVE-2023-38359 | IBM Cognos Analytics 11.1.7, 11.2.4, and 12.0.0 is vulnerable to cross-site scripting. | 6.1 |
2024-02-26 | CVE-2023-43051 | IBM Cognos Analytics 11.1.7, 11.2.4, and 12.0.0 is vulnerable to cross-site scripting. | 5.4 |
2024-02-16 | CVE-2024-21983 | Unspecified vulnerability in Netapp Storagegrid StorageGRID (formerly StorageGRID Webscale) versions prior to 11.8 are susceptible to a Denial of Service (DoS) vulnerability. | 6.5 |
2024-02-16 | CVE-2024-21984 | Cross-site Scripting vulnerability in Netapp Storagegrid StorageGRID (formerly StorageGRID Webscale) versions prior to 11.8 are susceptible to a difficult to exploit Reflected Cross-Site Scripting (XSS) vulnerability. | 6.9 |
2024-02-16 | CVE-2024-21987 | Incorrect Authorization vulnerability in Netapp Snapcenter 4.8/4.9 SnapCenter versions 4.8 prior to 5.0 are susceptible to a vulnerability which could allow an authenticated SnapCenter Server user to modify system logging configuration settings | 5.4 |
2024-02-05 | CVE-2023-27318 | Unspecified vulnerability in Netapp Storagegrid 11.6.0/11.6.0.13 StorageGRID (formerly StorageGRID Webscale) versions 11.6.0 through 11.6.0.13 are susceptible to a Denial of Service (DoS) vulnerability. | 7.5 |
2024-01-31 | CVE-2024-1086 | Use After Free vulnerability in multiple products A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. The nft_verdict_init() function allows positive values as drop error within the hook verdict, and hence the nf_hook_slow() function can cause a double free vulnerability when NF_DROP is issued with a drop error which resembles NF_ACCEPT. We recommend upgrading past commit f342de4e2f33e0e39165d8639387aa6c19dff660. | 7.8 |
2024-01-26 | CVE-2024-21985 | Unspecified vulnerability in Netapp Clustered Data Ontap ONTAP 9 versions prior to 9.9.1P18, 9.10.1P16, 9.11.1P13, 9.12.1P10 and 9.13.1P4 are susceptible to a vulnerability which could allow an authenticated user with multiple remote accounts with differing roles to perform actions via REST API beyond their intended privilege. | 7.6 |