Vulnerabilities > Netapp
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-02-08 | CVE-2020-8587 | Unspecified vulnerability in Netapp Oncommand System Manager 9.3/9.4 OnCommand System Manager 9.x versions prior to 9.3P20 and 9.4 prior to 9.4P3 are susceptible to a vulnerability that could allow HTTP clients to cache sensitive responses making them accessible to an attacker who has access to the system where the client runs. | 5.5 |
| 2021-02-08 | CVE-2020-8578 | Unspecified vulnerability in Netapp Clustered Data Ontap Clustered Data ONTAP versions prior to 9.3P20 are susceptible to a vulnerability which could allow an attacker to discover node names via AutoSupport bundles even when the –remove-private-data parameter is set to true. | 3.3 |
| 2021-02-08 | CVE-2021-21290 | Netty is an open-source, asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. | 5.5 |
| 2021-02-05 | CVE-2021-26708 | Improper Locking vulnerability in multiple products A local privilege escalation was discovered in the Linux kernel before 5.10.13. | 7.0 |
| 2021-02-03 | CVE-2020-8589 | Unspecified vulnerability in Netapp Clustered Data Ontap Clustered Data ONTAP versions prior to 9.3P20 and 9.5P15 are susceptible to a vulnerability which could allow unauthorized tenant users to discover the names of other Storage Virtual Machines (SVMs) and filenames on those SVMs. low complexity netapp | 3.5 |
| 2021-02-03 | CVE-2020-8588 | Unspecified vulnerability in Netapp Clustered Data Ontap Clustered Data ONTAP versions prior to 9.3P20 and 9.5P15 are susceptible to a vulnerability which could allow unauthorized tenant users to discover the existence of data on other Storage Virtual Machines (SVMs). low complexity netapp | 3.5 |
| 2021-02-02 | CVE-2021-21285 | Improper Check for Unusual or Exceptional Conditions vulnerability in multiple products In Docker before versions 9.03.15, 20.10.3 there is a vulnerability in which pulling an intentionally malformed Docker image manifest crashes the dockerd daemon. | 6.5 |
| 2021-02-02 | CVE-2021-21284 | Path Traversal vulnerability in multiple products In Docker before versions 9.03.15, 20.10.3 there is a vulnerability involving the --userns-remap option in which access to remapped root allows privilege escalation to real root. | 6.8 |
| 2021-02-02 | CVE-2021-3281 | Path Traversal vulnerability in multiple products In Django 2.2 before 2.2.18, 3.0 before 3.0.12, and 3.1 before 3.1.6, the django.utils.archive.extract method (used by "startapp --template" and "startproject --template") allows directory traversal via an archive with absolute paths or relative paths with dot segments. | 5.3 |
| 2021-01-28 | CVE-2020-8585 | Link Following vulnerability in Netapp Oncommand Unified Manager OnCommand Unified Manager Core Package versions prior to 5.2.5 may disclose sensitive account information to unauthorized users via the use of PuTTY Link (plink). | 5.5 |