Vulnerabilities > Netapp > Medium

DATE CVE VULNERABILITY TITLE RISK
2020-04-23 CVE-2020-5867 Download of Code Without Integrity Check vulnerability in multiple products
In versions prior to 3.3.0, the NGINX Controller Agent installer script 'install.sh' uses HTTP instead of HTTPS to check and install packages
network
f5 netapp CWE-494
6.8
2020-04-23 CVE-2020-5865 Cleartext Transmission of Sensitive Information vulnerability in multiple products
In versions prior to 3.3.0, the NGINX Controller is configured to communicate with its Postgres database server over unencrypted channels, making the communicated data vulnerable to interception via man-in-the-middle (MiTM) attacks.
network
f5 netapp CWE-319
5.8
2020-04-17 CVE-2020-11868 Origin Validation Error vulnerability in multiple products
ntpd in ntp before 4.2.8p14 and 4.3.x before 4.3.100 allows an off-path attacker to block unauthenticated synchronization via a server mode packet with a spoofed source IP address, because transmissions are rescheduled even when a packet lacks a valid origin timestamp.
network
low complexity
ntp redhat netapp debian opensuse CWE-346
5.0
2020-04-15 CVE-2020-2930 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Parser).
network
high complexity
oracle fedoraproject canonical netapp
4.4
2020-04-15 CVE-2020-2925 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: PS).
network
low complexity
oracle fedoraproject netapp canonical
4.9
2020-04-15 CVE-2020-2924 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer).
network
low complexity
oracle fedoraproject canonical netapp
4.9
2020-04-15 CVE-2020-2923 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer).
network
low complexity
oracle fedoraproject netapp canonical
4.9
2020-04-15 CVE-2020-2904 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer).
network
low complexity
oracle fedoraproject canonical netapp
4.9
2020-04-15 CVE-2020-2903 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Connection Handling).
network
low complexity
oracle fedoraproject canonical netapp
4.9
2020-04-15 CVE-2020-2901 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer).
network
low complexity
oracle fedoraproject canonical netapp
4.9