Vulnerabilities > Netapp > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-04-01 | CVE-2021-28163 | Link Following vulnerability in multiple products In Eclipse Jetty 9.4.32 to 9.4.38, 10.0.0.beta2 to 10.0.1, and 11.0.0.beta2 to 11.0.1, if a user uses a webapps directory that is a symlink, the contents of the webapps directory is deployed as a static webapp, inadvertently serving the webapps themselves and anything else that might be in that directory. | 2.7 |
| 2021-03-04 | CVE-2021-26988 | Missing Authorization vulnerability in Netapp Data Ontap Clustered Data ONTAP versions prior to 9.3P21, 9.5P16, 9.6P12, 9.7P8 and 9.8 are susceptible to a vulnerability which could allow unauthorized tenant users to discover information related to converting a 7-Mode directory to Cluster-mode such as Storage Virtual Machine (SVM) names, volume names, directory paths and Job IDs. | 3.5 |
| 2021-02-08 | CVE-2020-8578 | Unspecified vulnerability in Netapp Clustered Data Ontap Clustered Data ONTAP versions prior to 9.3P20 are susceptible to a vulnerability which could allow an attacker to discover node names via AutoSupport bundles even when the –remove-private-data parameter is set to true. | 3.3 |
| 2021-02-08 | CVE-2020-8590 | Unspecified vulnerability in Netapp Clustered Data Ontap Clustered Data ONTAP versions prior to 9.1P18 and 9.3P12 are susceptible to a vulnerability which could allow an attacker to discover node names via AutoSupport bundles even when the –remove-private-data parameter is set to true. | 3.3 |
| 2021-02-03 | CVE-2020-8588 | Unspecified vulnerability in Netapp Clustered Data Ontap Clustered Data ONTAP versions prior to 9.3P20 and 9.5P15 are susceptible to a vulnerability which could allow unauthorized tenant users to discover the existence of data on other Storage Virtual Machines (SVMs). low complexity netapp | 3.5 |
| 2021-02-03 | CVE-2020-8589 | Unspecified vulnerability in Netapp Clustered Data Ontap Clustered Data ONTAP versions prior to 9.3P20 and 9.5P15 are susceptible to a vulnerability which could allow unauthorized tenant users to discover the names of other Storage Virtual Machines (SVMs) and filenames on those SVMs. low complexity netapp | 3.5 |
| 2021-01-20 | CVE-2021-1998 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). | 3.8 |
| 2021-01-20 | CVE-2021-2007 | Vulnerability in the MySQL Client product of Oracle MySQL (component: C API). | 3.7 |
| 2021-01-20 | CVE-2021-2019 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges). | 2.7 |
| 2021-01-20 | CVE-2021-2042 | Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). | 2.3 |