Vulnerabilities > Netapp > Medium

DATE CVE VULNERABILITY TITLE RISK
2021-06-11 CVE-2021-22897 Exposure of Resource to Wrong Sphere vulnerability in multiple products
curl 7.61.0 through 7.76.1 suffers from exposure of data element to wrong session due to a mistake in the code for CURLOPT_SSL_CIPHER_LIST when libcurl is built to use the Schannel TLS library.
network
low complexity
haxx oracle netapp siemens splunk CWE-668
5.3
2021-06-11 CVE-2021-26993 Unspecified vulnerability in Netapp E-Series Santricity OS Controller
E-Series SANtricity OS Controller Software 11.x versions prior to 11.70.1 are susceptible to a vulnerability which when successfully exploited could allow a remote attacker to cause a partial Denial of Service (DoS) to the web server.
network
low complexity
netapp
5.3
2021-06-11 CVE-2021-26997 Information Exposure Through an Error Message vulnerability in Netapp E-Series Santricity OS Controller
E-Series SANtricity OS Controller Software 11.x versions prior to 11.70.1 are susceptible to a vulnerability which when successfully exploited could allow a remote attacker to discover information via error messaging which may aid in crafting more complex attacks.
network
low complexity
netapp CWE-209
6.5
2021-06-10 CVE-2021-20293 Cross-site Scripting vulnerability in multiple products
A reflected Cross-Site Scripting (XSS) flaw was found in RESTEasy in all versions of RESTEasy up to 4.6.0.Final, where it did not properly handle URL encoding when calling @javax.ws.rs.PathParam without any @Produces MediaType.
network
low complexity
redhat netapp CWE-79
6.1
2021-06-10 CVE-2020-13938 Missing Authorization vulnerability in multiple products
Apache HTTP Server versions 2.4.0 to 2.4.46 Unprivileged local users can stop httpd on Windows
local
low complexity
apache mcafee netapp CWE-862
5.5
2021-06-09 CVE-2020-12357 Improper Initialization vulnerability in multiple products
Improper initialization in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.
local
low complexity
intel netapp siemens CWE-665
6.7
2021-06-09 CVE-2020-12358 Out-of-bounds Write vulnerability in multiple products
Out of bounds write in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable denial of service via local access.
local
low complexity
intel siemens netapp CWE-787
4.4
2021-06-09 CVE-2020-12359 Insufficient control flow management in the firmware for some Intel(R) Processors may allow an unauthenticated user to potentially enable escalation of privilege via physical access.
low complexity
intel netapp
6.8
2021-06-09 CVE-2020-24486 Improper Input Validation vulnerability in multiple products
Improper input validation in the firmware for some Intel(R) Processors may allow an authenticated user to potentially enable denial of service via local access.
local
low complexity
intel netapp siemens CWE-20
5.5
2021-06-09 CVE-2020-24511 Exposure of Resource to Wrong Sphere vulnerability in multiple products
Improper isolation of shared resources in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
local
low complexity
intel debian netapp CWE-668
6.5