Vulnerabilities > Netapp > High

DATE CVE VULNERABILITY TITLE RISK
2020-11-12 CVE-2020-8754 Out-of-bounds Read vulnerability in multiple products
Out-of-bounds read in subsystem for Intel(R) AMT, Intel(R) ISM versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70 and 14.0.45 may allow an unauthenticated user to potentially enable information disclosure via network access.
network
low complexity
intel netapp CWE-125
7.5
2020-11-12 CVE-2020-8749 Out-of-bounds Read vulnerability in multiple products
Out-of-bounds read in subsystem for Intel(R) AMT versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70 and 14.0.45 may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access.
low complexity
intel netapp CWE-125
8.8
2020-11-12 CVE-2020-8739 Use of potentially dangerous function in Intel BIOS platform sample code for some Intel(R) Processors may allow an authenticated user to potentially enable escalation of privilege via local access.
local
low complexity
intel netapp
7.8
2020-11-12 CVE-2020-0590 Improper Input Validation vulnerability in multiple products
Improper input validation in BIOS firmware for some Intel(R) Processors may allow an authenticated user to potentially enable escalation of privilege via local access.
local
low complexity
intel netapp siemens CWE-20
7.8
2020-11-06 CVE-2020-8580 Unspecified vulnerability in Netapp E-Series Santricity OS Controller
SANtricity OS Controller Software versions 11.30 and higher are susceptible to a vulnerability which allows an unauthenticated attacker with access to the system to cause a Denial of Service (DoS).
network
low complexity
netapp
7.5
2020-11-06 CVE-2020-28196 Uncontrolled Recursion vulnerability in multiple products
MIT Kerberos 5 (aka krb5) before 1.17.2 and 1.18.x before 1.18.3 allows unbounded recursion via an ASN.1-encoded Kerberos message because the lib/krb5/asn.1/asn1_encode.c support for BER indefinite lengths lacks a recursion limit.
network
low complexity
mit fedoraproject netapp oracle CWE-674
7.5
2020-10-27 CVE-2020-8579 Unspecified vulnerability in Netapp Clustered Data Ontap 9.7
Clustered Data ONTAP versions 9.7 through 9.7P7 are susceptible to a vulnerability which allows an attacker with access to an intercluster LIF to cause a Denial of Service (DoS).
network
low complexity
netapp
7.5
2020-10-23 CVE-2020-27216 In Eclipse Jetty versions 1.0 thru 9.4.32.v20200930, 10.0.0.alpha1 thru 10.0.0.beta2, and 11.0.0.alpha1 thru 11.0.0.beta2O, on Unix like systems, the system's temporary directory is shared between all users on that system.
local
high complexity
eclipse netapp oracle apache debian
7.0
2020-10-21 CVE-2020-14828 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML).
network
low complexity
oracle netapp
7.2
2020-10-13 CVE-2020-25645 Cleartext Transmission of Sensitive Information vulnerability in multiple products
A flaw was found in the Linux kernel in versions before 5.9-rc7.
network
low complexity
linux debian netapp opensuse canonical CWE-319
7.5