Vulnerabilities > Netapp > Medium

DATE CVE VULNERABILITY TITLE RISK
2019-08-09 CVE-2019-12258 Session Fixation vulnerability in multiple products
Wind River VxWorks 6.6 through vx7 has Session Fixation in the TCP component.
network
low complexity
windriver sonicwall siemens netapp belden CWE-384
5.0
2019-08-09 CVE-2019-12265 Memory Leak vulnerability in multiple products
Wind River VxWorks 6.5, 6.6, 6.7, 6.8, 6.9.3 and 6.9.4 has a Memory Leak in the IGMPv3 client component.
network
low complexity
windriver sonicwall siemens netapp belden CWE-401
5.0
2019-08-09 CVE-2019-12263 Out-of-bounds Write vulnerability in multiple products
Wind River VxWorks 6.9.4 and vx7 has a Buffer Overflow in the TCP component (issue 4 of 4).
6.8
2019-08-09 CVE-2019-5498 Unspecified vulnerability in Netapp Oncommand Insight
OnCommand Insight versions through 7.3.6 may disclose sensitive account information to an authenticated user.
network
low complexity
netapp
4.0
2019-08-09 CVE-2019-12257 Classic Buffer Overflow vulnerability in multiple products
Wind River VxWorks 6.6 through 6.9 has a Buffer Overflow in the DHCP client component.
5.8
2019-08-05 CVE-2019-5502 Cryptographic Issues vulnerability in Netapp Data Ontap
SMB in Data ONTAP operating in 7-Mode versions prior to 8.2.5P3 has weak cryptography which when exploited could lead to information disclosure or addition or modification of data.
network
low complexity
netapp CWE-310
6.4
2019-08-02 CVE-2019-5501 Unspecified vulnerability in Netapp Data Ontap
Data ONTAP operating in 7-Mode versions prior to 8.2.5P3 may disclose sensitive LDAP account information to unauthenticated remote attackers.
network
low complexity
netapp
5.0
2019-08-02 CVE-2019-5493 Unspecified vulnerability in Netapp Data Ontap
Data ONTAP operating in 7-Mode versions prior to 8.2.5P3 are susceptible to a vulnerability which discloses information to an unauthenticated attacker.
network
netapp
4.3
2019-07-30 CVE-2019-14444 Integer Overflow or Wraparound vulnerability in multiple products
apply_relocations in readelf.c in GNU Binutils 2.32 contains an integer overflow that allows attackers to trigger a write access violation (in byte_put_little_endian function in elfcomm.c) via an ELF file, as demonstrated by readelf.
local
low complexity
gnu opensuse canonical netapp CWE-190
5.5
2019-07-25 CVE-2019-10184 Missing Authorization vulnerability in multiple products
undertow before version 2.0.23.Final is vulnerable to an information leak issue.
network
low complexity
redhat netapp CWE-862
5.0