Vulnerabilities > Netapp > Medium

DATE CVE VULNERABILITY TITLE RISK
2017-08-29 CVE-2017-12422 Improper Privilege Management vulnerability in Netapp Storagegrid Webscale
NetApp StorageGRID Webscale 10.2.x before 10.2.2.3, 10.3.x before 10.3.0.4, and 10.4.x before 10.4.0.2 allow remote authenticated users to delete arbitrary objects via unspecified vectors.
network
low complexity
netapp CWE-269
4.0
4.0
2017-08-18 CVE-2017-12420 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Netapp Clustered Data Ontap
Heap-based buffer overflow in the SMB implementation in NetApp Clustered Data ONTAP before 8.3.2P8 and 9.0 before P2 allows remote authenticated users to cause a denial of service or execute arbitrary code.
network
low complexity
netapp CWE-119
6.5
6.5
2017-08-18 CVE-2017-12859 Improper Input Validation vulnerability in Netapp Data Ontap
NetApp Data ONTAP before 8.2.5, when operating in 7-Mode in NFS environments, allows remote attackers to cause a denial of service via unspecified vectors.
network
netapp CWE-20
4.3
4.3
2017-08-10 CVE-2016-6794 When a SecurityManager is configured, a web application's ability to read system properties should be controlled by the SecurityManager.
network
low complexity
apache debian redhat netapp canonical oracle
5.3
5.3
2017-08-10 CVE-2016-0762 Information Exposure Through Discrepancy vulnerability in multiple products
The Realm implementations in Apache Tomcat versions 9.0.0.M1 to 9.0.0.M9, 8.5.0 to 8.5.4, 8.0.0.RC1 to 8.0.36, 7.0.0 to 7.0.70 and 6.0.0 to 6.0.45 did not process the supplied password if the supplied user name did not exist.
network
high complexity
apache canonical debian redhat netapp oracle CWE-203
5.9
5.9
2017-08-08 CVE-2017-10243 Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JAX-WS).
network
low complexity
oracle debian netapp redhat
6.5
6.5
2017-08-08 CVE-2017-10198 Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Security).
network
high complexity
oracle phoenixcontact debian netapp redhat
6.8
6.8
2017-08-08 CVE-2017-10135 Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JCE).
network
high complexity
oracle debian phoenixcontact redhat netapp
5.9
5.9
2017-08-08 CVE-2017-10125 Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Deployment).
local
oracle netapp
4.4
4.4
2017-08-08 CVE-2017-10114 Vulnerability in the Java SE component of Oracle Java SE (subcomponent: JavaFX).
network
high complexity
oracle debian netapp
5.1
5.1