Vulnerabilities > Netapp > Storage Automation Store > Medium

DATE CVE VULNERABILITY TITLE RISK
2019-02-27 CVE-2019-1559 Information Exposure Through Discrepancy vulnerability in multiple products
If an application encounters a fatal protocol error and then calls SSL_shutdown() twice (once to send a close_notify, and once to receive one) then OpenSSL can respond differently to the calling application if a 0 byte record is received with invalid padding compared to if a 0 byte record is received with an invalid MAC.
5.9
2019-01-31 CVE-2019-6110 Inappropriate Encoding for Output Context vulnerability in multiple products
In OpenSSH 7.9, due to accepting and displaying arbitrary stderr output from the server, a malicious server (or Man-in-The-Middle attacker) can manipulate the client output, for example to use ANSI control codes to hide additional files being transferred.
network
high complexity
openbsd winscp netapp siemens CWE-838
6.8
2019-01-31 CVE-2019-6109 Improper Encoding or Escaping of Output vulnerability in multiple products
An issue was discovered in OpenSSH 7.9.
6.8
2019-01-30 CVE-2018-17189 Resource Exhaustion vulnerability in multiple products
In Apache HTTP server versions 2.4.37 and prior, by sending request bodies in a slow loris way to plain resources, the h2 stream for that request unnecessarily occupied a server thread cleaning up that incoming data.
5.3
2019-01-16 CVE-2019-2539 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Connection).
network
low complexity
oracle netapp redhat
4.9
2019-01-16 CVE-2019-2537 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL).
network
low complexity
oracle canonical debian netapp mariadb redhat
4.9
2019-01-16 CVE-2019-2536 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Packaging).
local
high complexity
oracle netapp redhat
5.0
2019-01-16 CVE-2019-2535 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Options).
local
high complexity
oracle netapp redhat
4.1
2019-01-16 CVE-2019-2533 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Security : Privileges).
network
low complexity
oracle netapp redhat
6.5
2019-01-16 CVE-2019-2532 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges).
network
low complexity
oracle netapp canonical redhat
4.9