Vulnerabilities > Netapp > Storagegrid

DATE CVE VULNERABILITY TITLE RISK
2024-06-14 CVE-2024-21988 Improper Verification of Cryptographic Signature vulnerability in Netapp Storagegrid
StorageGRID (formerly StorageGRID Webscale) versions prior to 11.7.0.9 and 11.8.0.5 are susceptible to disclosure of sensitive information via complex MiTM attacks due to a vulnerability in the SSH cryptographic implementation.
network
high complexity
netapp CWE-347
5.3
2024-02-16 CVE-2024-21983 Unspecified vulnerability in Netapp Storagegrid
StorageGRID (formerly StorageGRID Webscale) versions prior to 11.8 are susceptible to a Denial of Service (DoS) vulnerability.
network
low complexity
netapp
6.5
2024-02-16 CVE-2024-21984 Cross-site Scripting vulnerability in Netapp Storagegrid
StorageGRID (formerly StorageGRID Webscale) versions prior to 11.8 are susceptible to a difficult to exploit Reflected Cross-Site Scripting (XSS) vulnerability.
network
high complexity
netapp CWE-79
6.9
2024-02-05 CVE-2023-27318 Unspecified vulnerability in Netapp Storagegrid 11.6.0/11.6.0.13
StorageGRID (formerly StorageGRID Webscale) versions 11.6.0 through 11.6.0.13 are susceptible to a Denial of Service (DoS) vulnerability.
network
low complexity
netapp
7.5
2023-03-02 CVE-2022-38734 Unspecified vulnerability in Netapp Storagegrid
StorageGRID (formerly StorageGRID Webscale) versions prior to 11.6.0.8 are susceptible to a Denial of Service (DoS) vulnerability.
network
low complexity
netapp
7.5
2022-08-10 CVE-2022-23238 Unspecified vulnerability in Netapp Storagegrid 11.6.0
Linux deployments of StorageGRID (formerly StorageGRID Webscale) versions 11.6.0 through 11.6.0.2 deployed with a Linux kernel version less than 4.7.0 are susceptible to a vulnerability which could allow a remote unauthenticated attacker to view limited metrics information and modify alert email recipients and content.
network
low complexity
netapp
6.5
2022-08-05 CVE-2022-37434 Out-of-bounds Write vulnerability in multiple products
zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field.
network
low complexity
zlib fedoraproject debian netapp apple stormshield CWE-787
critical
9.8
2022-05-25 CVE-2022-1678 An issue was discovered in the Linux Kernel from 4.18 to 4.19, an improper update of sock reference in TCP pacing can lead to memory/netns leak, which can be used by remote clients.
network
low complexity
linux netapp
7.5
2022-03-15 CVE-2022-0778 Infinite Loop vulnerability in multiple products
The BN_mod_sqrt() function, which computes a modular square root, contains a bug that can cause it to loop forever for non-prime moduli.
7.5
2022-03-04 CVE-2022-23232 Unspecified vulnerability in Netapp Storagegrid
StorageGRID (formerly StorageGRID Webscale) versions prior to 11.6.0 are susceptible to a vulnerability which when successfully exploited could allow disabled, expired, or locked external user accounts to access S3 data to which they previously had access.
network
low complexity
netapp
4.9