Vulnerabilities > Netapp > Medium

DATE CVE VULNERABILITY TITLE RISK
2021-06-09 CVE-2020-12359 Insufficient control flow management in the firmware for some Intel(R) Processors may allow an unauthenticated user to potentially enable escalation of privilege via physical access.
low complexity
intel netapp
6.8
2021-06-09 CVE-2020-24486 Improper Input Validation vulnerability in multiple products
Improper input validation in the firmware for some Intel(R) Processors may allow an authenticated user to potentially enable denial of service via local access.
local
low complexity
intel netapp siemens CWE-20
5.5
2021-06-09 CVE-2020-24511 Exposure of Resource to Wrong Sphere vulnerability in multiple products
Improper isolation of shared resources in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
local
low complexity
intel debian netapp CWE-668
6.5
2021-06-09 CVE-2020-8670 Race Condition vulnerability in multiple products
Race condition in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.
local
high complexity
intel siemens netapp CWE-362
6.4
2021-06-09 CVE-2020-8700 Improper Input Validation vulnerability in multiple products
Improper input validation in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.
local
low complexity
intel netapp CWE-20
6.7
2021-06-09 CVE-2020-8703 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
Improper buffer restrictions in a subsystem in the Intel(R) CSME versions before 11.8.86, 11.12.86, 11.22.86, 12.0.81, 13.0.47, 13.30.17, 14.1.53, 14.5.32 and 15.0.22 may allow a privileged user to potentially enable escalation of privilege via local access.
local
low complexity
intel netapp siemens CWE-119
6.7
2021-06-09 CVE-2021-28169 For Eclipse Jetty versions <= 9.4.40, <= 10.0.2, <= 11.0.2, it is possible for requests to the ConcatServlet with a doubly encoded path to access protected resources within the WEB-INF directory.
network
low complexity
eclipse debian oracle netapp
5.3
2021-06-08 CVE-2021-31807 Integer Overflow or Wraparound vulnerability in multiple products
An issue was discovered in Squid before 4.15 and 5.x before 5.0.6.
network
low complexity
squid-cache fedoraproject netapp CWE-190
6.5
2021-06-04 CVE-2021-26994 Unspecified vulnerability in Netapp Clustered Data Ontap
Clustered Data ONTAP versions prior to 9.7P13 and 9.8P3 are susceptible to a vulnerability which could allow single workloads to cause a Denial of Service (DoS) on a cluster node.
network
low complexity
netapp
6.5
2021-06-02 CVE-2021-3522 Out-of-bounds Read vulnerability in multiple products
GStreamer before 1.18.4 may perform an out-of-bounds read when handling certain ID3v2 tags.
local
low complexity
gstreamer-project netapp oracle CWE-125
5.5