Vulnerabilities > Netapp > Medium

DATE CVE VULNERABILITY TITLE RISK
2020-11-12 CVE-2020-8746 Integer Overflow or Wraparound vulnerability in multiple products
Integer overflow in subsystem for Intel(R) AMT versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70 and 14.0.45 may allow an unauthenticated user to potentially enable denial of service via adjacent access.
low complexity
intel netapp CWE-190
6.5
2020-11-12 CVE-2020-8740 Out-of-bounds Write vulnerability in multiple products
Out of bounds write in Intel BIOS platform sample code for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.
local
low complexity
intel netapp CWE-787
4.6
2020-11-12 CVE-2020-8739 Use of potentially dangerous function in Intel BIOS platform sample code for some Intel(R) Processors may allow an authenticated user to potentially enable escalation of privilege via local access.
local
low complexity
intel netapp
4.6
2020-11-12 CVE-2020-8738 Improper Check for Unusual or Exceptional Conditions vulnerability in multiple products
Improper conditions check in Intel BIOS platform sample code for some Intel(R) Processors before may allow a privileged user to potentially enable escalation of privilege via local access.
local
low complexity
intel netapp CWE-754
4.6
2020-11-12 CVE-2020-8698 Exposure of Resource to Wrong Sphere vulnerability in multiple products
Improper isolation of shared resources in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
5.5
2020-11-12 CVE-2020-8696 Improper Cross-boundary Removal of Sensitive Data vulnerability in multiple products
Improper removal of sensitive information before storage or transfer in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
local
low complexity
intel netapp fedoraproject debian CWE-212
5.5
2020-11-12 CVE-2020-12356 Out-of-bounds Read vulnerability in multiple products
Out-of-bounds read in subsystem in Intel(R) AMT versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70 and 14.0.45 may allow a privileged user to potentially enable information disclosure via local access.
local
low complexity
intel netapp CWE-125
4.4
2020-11-12 CVE-2020-13954 Cross-site Scripting vulnerability in multiple products
By default, Apache CXF creates a /services page containing a listing of the available endpoint names and addresses.
network
low complexity
apache netapp oracle CWE-79
6.1
2020-11-06 CVE-2020-8577 Unspecified vulnerability in Netapp E-Series Santricity OS Controller
SANtricity OS Controller Software versions 11.50.1 and higher are susceptible to a vulnerability which could allow an attacker to discover sensitive information by intercepting its transmission within an https session.
network
netapp
4.3
2020-11-06 CVE-2020-8580 Unspecified vulnerability in Netapp E-Series Santricity OS Controller
SANtricity OS Controller Software versions 11.30 and higher are susceptible to a vulnerability which allows an unauthenticated attacker with access to the system to cause a Denial of Service (DoS).
network
low complexity
netapp
5.0