Vulnerabilities > Netapp

DATE CVE VULNERABILITY TITLE RISK
2021-06-11 CVE-2021-22901 Use After Free vulnerability in multiple products
curl 7.75.0 through 7.76.1 suffers from a use-after-free vulnerability resulting in already freed memory being used when a TLS 1.3 session ticket arrives over a connection.
network
high complexity
haxx oracle netapp siemens splunk CWE-416
8.1
2021-06-11 CVE-2021-26993 Unspecified vulnerability in Netapp E-Series Santricity OS Controller
E-Series SANtricity OS Controller Software 11.x versions prior to 11.70.1 are susceptible to a vulnerability which when successfully exploited could allow a remote attacker to cause a partial Denial of Service (DoS) to the web server.
network
low complexity
netapp
5.3
2021-06-11 CVE-2021-26995 Unspecified vulnerability in Netapp E-Series Santricity OS Controller
E-Series SANtricity OS Controller Software 11.x versions prior to 11.70.1 are susceptible to a vulnerability which when successfully exploited could allow privileged attackers to execute arbitrary code.
network
low complexity
netapp
8.8
2021-06-11 CVE-2021-26996 Unspecified vulnerability in Netapp E-Series Santricity OS Controller
E-Series SANtricity OS Controller Software 11.x versions prior to 11.70.1 are susceptible to a vulnerability which when successfully exploited could allow a remote attacker to discover system configuration and application information which may aid in crafting more complex attacks.
network
low complexity
netapp
7.5
2021-06-11 CVE-2021-26997 Information Exposure Through an Error Message vulnerability in Netapp E-Series Santricity OS Controller
E-Series SANtricity OS Controller Software 11.x versions prior to 11.70.1 are susceptible to a vulnerability which when successfully exploited could allow a remote attacker to discover information via error messaging which may aid in crafting more complex attacks.
network
low complexity
netapp CWE-209
6.5
2021-06-10 CVE-2021-20293 A reflected Cross-Site Scripting (XSS) flaw was found in RESTEasy in all versions of RESTEasy up to 4.6.0.Final, where it did not properly handle URL encoding when calling @javax.ws.rs.PathParam without any @Produces MediaType.
network
low complexity
redhat netapp
6.1
2021-06-10 CVE-2020-13938 Missing Authorization vulnerability in multiple products
Apache HTTP Server versions 2.4.0 to 2.4.46 Unprivileged local users can stop httpd on Windows
local
low complexity
apache mcafee netapp CWE-862
5.5
2021-06-10 CVE-2021-26691 Out-of-bounds Write vulnerability in multiple products
In Apache HTTP Server versions 2.4.0 to 2.4.46 a specially crafted SessionHeader sent by an origin server could cause a heap overflow
network
low complexity
apache debian fedoraproject oracle netapp CWE-787
critical
9.8
2021-06-09 CVE-2020-12357 Improper Initialization vulnerability in multiple products
Improper initialization in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.
local
low complexity
intel netapp siemens CWE-665
6.7
2021-06-09 CVE-2020-12358 Out-of-bounds Write vulnerability in multiple products
Out of bounds write in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable denial of service via local access.
local
low complexity
intel siemens netapp CWE-787
4.4