Vulnerabilities > Netapp

DATE CVE VULNERABILITY TITLE RISK
2024-01-16 CVE-2024-0567 Improper Verification of Cryptographic Signature vulnerability in multiple products
A vulnerability was found in GnuTLS, where a cockpit (which uses gnuTLS) rejects a certificate chain with distributed trust.
network
low complexity
gnu fedoraproject netapp debian CWE-347
7.5
2024-01-15 CVE-2024-0565 Integer Underflow (Wrap or Wraparound) vulnerability in multiple products
An out-of-bounds memory read flaw was found in receive_encrypted_standard in fs/smb/client/smb2ops.c in the SMB Client sub-component in the Linux Kernel.
low complexity
linux netapp CWE-191
7.4
2024-01-12 CVE-2024-21982 Unspecified vulnerability in Netapp Clustered Data Ontap
ONTAP versions 9.4 and higher are susceptible to a vulnerability which when successfully exploited could lead to disclosure of sensitive information to unprivileged attackers when the object-store profiler command is being run by an administrative user.
network
low complexity
netapp
6.5
2023-12-21 CVE-2023-27319 Information Exposure Through an Error Message vulnerability in Netapp Ontap Mediator
ONTAP Mediator versions prior to 1.7 are susceptible to a vulnerability that can allow an unauthenticated attacker to enumerate URLs via REST API.
network
low complexity
netapp CWE-209
5.3
2023-12-15 CVE-2023-27317 Unspecified vulnerability in Netapp Ontap 9.12.1/9.13.1
ONTAP 9 versions 9.12.1P8, 9.13.1P4, and 9.13.1P5 are susceptible to a vulnerability which will cause all SAS-attached FIPS 140-2 drives to become unlocked after a system reboot or power cycle or a single SAS-attached FIPS 140-2 drive to become unlocked after reinsertion.
low complexity
netapp
4.6
2023-11-14 CVE-2023-23583 Sequence of processor instructions leads to unexpected behavior for some Intel(R) Processors may allow an authenticated user to potentially enable escalation of privilege and/or information disclosure and/or denial of service via local access.
local
low complexity
intel debian netapp
7.8
2023-11-03 CVE-2023-31102 Integer Underflow (Wrap or Wraparound) vulnerability in multiple products
Ppmd7.c in 7-Zip before 23.00 allows an integer underflow and invalid read operation via a crafted 7Z archive.
local
low complexity
7-zip netapp CWE-191
7.8
2023-11-01 CVE-2023-5178 Use After Free vulnerability in multiple products
A use-after-free vulnerability was found in drivers/nvme/target/tcp.c` in `nvmet_tcp_free_crypto` due to a logical bug in the NVMe/TCP subsystem in the Linux kernel.
network
low complexity
linux redhat netapp CWE-416
8.8
2023-10-27 CVE-2023-46604 The Java OpenWire protocol marshaller is vulnerable to Remote Code Execution.
network
low complexity
apache debian netapp
critical
9.8
2023-10-25 CVE-2023-5363 Issue summary: A bug has been identified in the processing of key and initialisation vector (IV) lengths.
network
low complexity
openssl debian netapp
7.5