Data Ontap
Sign in to watchby NetApp
Source repositories
CVEs (10)
| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2015-7853 | Cri | 0.67 | 9.8 | 0.41 | Aug 7, 2017 | The datalen parameter in the refclock driver in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to execute arbitrary code or cause a denial of service (crash) via a negative input value. | |
| CVE-2015-7705 | Cri | 0.66 | 9.8 | 0.31 | Aug 7, 2017 | The rate limiting feature in NTP 4.x before 4.2.8p4 and 4.3.x before 4.3.77 allows remote attackers to have unspecified impact via a large number of crafted requests. | |
| CVE-2015-7854 | Hig | 0.58 | 8.8 | 0.04 | Aug 7, 2017 | Buffer overflow in the password management functionality in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote authenticated users to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted key file. | |
| CVE-2016-10708 | Hig | 0.42 | 7.5 | 0.03 | Jan 21, 2018 | sshd in OpenSSH before 7.4 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an out-of-sequence NEWKEYS message, as demonstrated by Honggfuzz, related to kex.c and packet.c. | |
| CVE-2016-1895 | Med | 0.42 | 6.5 | 0.01 | Sep 1, 2017 | NetApp Data ONTAP before 8.2.5 and 8.3.x before 8.3.2P12 allow remote authenticated users to cause a denial of service via vectors related to unsafe user input string handling. | |
| CVE-2015-7850 | Med | 0.42 | 6.5 | 0.03 | Aug 7, 2017 | ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote authenticated users to cause a denial of service (infinite loop or crash) by pointing the key file at the log file. | |
| CVE-2015-7852 | Med | 0.39 | 5.9 | 0.03 | Aug 7, 2017 | ntpq in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (crash) via crafted mode 6 response packets. | |
| CVE-2017-12859 | Med | 0.38 | 5.9 | 0.01 | Aug 18, 2017 | NetApp Data ONTAP before 8.2.5, when operating in 7-Mode in NFS environments, allows remote attackers to cause a denial of service via unspecified vectors. | |
| CVE-2015-7886 | Low | 0.24 | 3.7 | 0.00 | Jan 18, 2016 | NetApp Data ONTAP before 8.2.4P1, when 7-Mode and HTTP access are enabled, allows remote attackers to obtain sensitive volume information via unspecified vectors. | |
| CVE-2008-3349 | 0.00 | — | 0.04 | Jul 28, 2008 | Multiple unspecified vulnerabilities in NetApp Data ONTAP, as used on NetApp and IBM eServer platforms, allow remote attackers to execute arbitrary commands, cause a denial of service (system crash), or obtain sensitive information, probably related to insufficient access control for HTTP requests. NOTE: this may overlap CVE-2008-3160. |