Vulnerabilities > Netapp > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-02-16 | CVE-2024-21987 | Incorrect Authorization vulnerability in Netapp Snapcenter 4.8/4.9 SnapCenter versions 4.8 prior to 5.0 are susceptible to a vulnerability which could allow an authenticated SnapCenter Server user to modify system logging configuration settings | 5.4 |
2024-01-12 | CVE-2024-21982 | Unspecified vulnerability in Netapp Clustered Data Ontap ONTAP versions 9.4 and higher are susceptible to a vulnerability which when successfully exploited could lead to disclosure of sensitive information to unprivileged attackers when the object-store profiler command is being run by an administrative user. | 6.5 |
2023-12-21 | CVE-2023-27319 | Information Exposure Through an Error Message vulnerability in Netapp Ontap Mediator ONTAP Mediator versions prior to 1.7 are susceptible to a vulnerability that can allow an unauthenticated attacker to enumerate URLs via REST API. | 5.3 |
2023-12-15 | CVE-2023-27317 | Unspecified vulnerability in Netapp Ontap 9.12.1/9.13.1 ONTAP 9 versions 9.12.1P8, 9.13.1P4, and 9.13.1P5 are susceptible to a vulnerability which will cause all SAS-attached FIPS 140-2 drives to become unlocked after a system reboot or power cycle or a single SAS-attached FIPS 140-2 drive to become unlocked after reinsertion. low complexity netapp | 4.6 |
2023-10-16 | CVE-2023-40791 | extract_user_to_sg in lib/scatterlist.c in the Linux kernel before 6.4.12 fails to unpin pages in a certain situation, as demonstrated by a WARNING for try_grab_page. | 6.3 |
2023-10-14 | CVE-2023-45862 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products An issue was discovered in drivers/usb/storage/ene_ub6250.c for the ENE UB6250 reader driver in the Linux kernel before 6.2.5. | 5.5 |
2023-10-12 | CVE-2023-27312 | Unspecified vulnerability in Netapp Snapcenter Plug-In 4.6 SnapCenter Plugin for VMware vSphere versions 4.6 prior to 4.9 are susceptible to a vulnerability which may allow authenticated unprivileged users to modify email and snapshot name settings within the VMware vSphere user interface. | 4.3 |
2023-10-12 | CVE-2023-27315 | Insufficiently Protected Credentials vulnerability in Netapp Snapgathers SnapGathers versions prior to 4.9 are susceptible to a vulnerability which could allow a local authenticated attacker to discover plaintext domain user credentials | 5.5 |
2023-10-05 | CVE-2023-40745 | Integer Overflow or Wraparound vulnerability in multiple products LibTIFF is vulnerable to an integer overflow. | 6.5 |
2023-09-18 | CVE-2023-4527 | Out-of-bounds Read vulnerability in multiple products A flaw was found in glibc. | 6.5 |