Vulnerabilities > Netapp > Solidfire HCI Management Node > Medium

DATE CVE VULNERABILITY TITLE RISK
2022-03-02 CVE-2021-3772 Improper Validation of Integrity Check Value vulnerability in multiple products
A flaw was found in the Linux SCTP stack.
network
high complexity
linux redhat debian oracle netapp CWE-354
6.5
2022-02-26 CVE-2020-36516 Use of a Broken or Risky Cryptographic Algorithm vulnerability in multiple products
An issue was discovered in the Linux kernel through 5.16.11.
network
high complexity
linux netapp CWE-327
5.9
2021-06-11 CVE-2021-22897 Exposure of Resource to Wrong Sphere vulnerability in multiple products
curl 7.61.0 through 7.76.1 suffers from exposure of data element to wrong session due to a mistake in the code for CURLOPT_SSL_CIPHER_LIST when libcurl is built to use the Schannel TLS library.
network
low complexity
haxx oracle netapp siemens splunk CWE-668
5.3
2021-06-07 CVE-2019-25045 Use After Free vulnerability in multiple products
An issue was discovered in the Linux kernel before 5.0.19.
local
low complexity
linux netapp CWE-416
4.6
2021-03-26 CVE-2021-20197 Link Following vulnerability in multiple products
There is an open race window when writing output in the following utilities in GNU binutils version 2.35 and earlier:ar, objcopy, strip, ranlib.
local
high complexity
gnu redhat netapp broadcom CWE-59
6.3
2021-02-17 CVE-2021-26932 An issue was discovered in the Linux kernel 3.2 through 5.10.16, as used by Xen.
local
low complexity
linux fedoraproject debian netapp
5.5
2021-01-04 CVE-2020-35507 NULL Pointer Dereference vulnerability in multiple products
There's a flaw in bfd_pef_parse_function_stubs of bfd/pef.c in binutils in versions prior to 2.34 which could allow an attacker who is able to submit a crafted file to be processed by objdump to cause a NULL pointer dereference.
local
low complexity
gnu redhat netapp broadcom CWE-476
5.5
2021-01-04 CVE-2020-35496 NULL Pointer Dereference vulnerability in multiple products
There's a flaw in bfd_pef_scan_start_address() of bfd/pef.c in binutils which could allow an attacker who is able to submit a crafted file to be processed by objdump to cause a NULL pointer dereference.
local
low complexity
gnu fedoraproject netapp broadcom CWE-476
5.5
2021-01-04 CVE-2020-35495 NULL Pointer Dereference vulnerability in multiple products
There's a flaw in binutils /bfd/pef.c.
local
low complexity
gnu fedoraproject netapp broadcom CWE-476
5.5
2021-01-04 CVE-2020-35494 Use of Uninitialized Resource vulnerability in multiple products
There's a flaw in binutils /opcodes/tic4x-dis.c.
local
low complexity
gnu fedoraproject netapp broadcom CWE-908
6.1