VYPR

Data Ontap

by NetApp

CVEs (34)

  • CVE-2016-1895MedSep 1, 2017
    risk 0.42cvss 6.5epss 0.01

    NetApp Data ONTAP before 8.2.5 and 8.3.x before 8.3.2P12 allow remote authenticated users to cause a denial of service via vectors related to unsafe user input string handling.

  • CVE-2015-7852MedAug 7, 2017
    risk 0.39cvss 5.9epss 0.12

    ntpq in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (crash) via crafted mode 6 response packets.

  • CVE-2020-1971MedDec 8, 2020
    risk 0.38cvss 5.9epss 0.07

    The X.509 GeneralName type is a generic type for representing different types of names. One of those name types is known as EDIPartyName. OpenSSL provides a function GENERAL_NAME_cmp which compares different instances of a GENERAL_NAME to see if they are equal or not. This…

  • CVE-2017-12859MedAug 18, 2017
    risk 0.38cvss 5.9epss 0.02

    NetApp Data ONTAP before 8.2.5, when operating in 7-Mode in NFS environments, allows remote attackers to cause a denial of service via unspecified vectors.

  • CVE-2016-6495MedFeb 7, 2017
    risk 0.38cvss 5.9epss 0.01

    NetApp Data ONTAP before 8.2.4P5, when operating in 7-Mode, allows remote attackers to obtain information about the volumes configured for HTTP access.

  • CVE-2016-2518MedJan 30, 2017
    risk 0.36cvss 5.3epss 0.15

    The MATCH_ASSOC function in NTP before version 4.2.8p9 and 4.3.x before 4.3.92 allows remote attackers to cause an out-of-bounds reference via an addpeer request with a large hmode value.

  • CVE-2015-7886LowJan 18, 2016
    risk 0.24cvss 3.7epss 0.01

    NetApp Data ONTAP before 8.2.4P1, when 7-Mode and HTTP access are enabled, allows remote attackers to obtain sensitive volume information via unspecified vectors.

  • CVE-2008-0960Jun 10, 2008
    risk 0.09cvss epss 0.69

    SNMPv3 HMAC verification in (1) Net-SNMP 5.2.x before 5.2.4.1, 5.3.x before 5.3.2.1, and 5.4.x before 5.4.1.1; (2) UCD-SNMP; (3) eCos; (4) Juniper Session and Resource Control (SRC) C-series 1.0.0 through 2.0.0; (5) NetApp (aka Network Appliance) Data ONTAP 7.3RC1 and 7.3RC2;…

  • CVE-2019-5502Aug 5, 2019
    risk 0.00cvss epss 0.01

    SMB in Data ONTAP operating in 7-Mode versions prior to 8.2.5P3 has weak cryptography which when exploited could lead to information disclosure or addition or modification of data.

  • CVE-2019-5501Aug 2, 2019
    risk 0.00cvss epss 0.02

    Data ONTAP operating in 7-Mode versions prior to 8.2.5P3 may disclose sensitive LDAP account information to unauthenticated remote attackers.

  • CVE-2019-5493Aug 2, 2019
    risk 0.00cvss epss 0.01

    Data ONTAP operating in 7-Mode versions prior to 8.2.5P3 are susceptible to a vulnerability which discloses information to an unauthenticated attacker. A successful attack requires that multiple non-default options be enabled.

  • CVE-2018-5496Dec 4, 2018
    risk 0.00cvss epss 0.00

    Data ONTAP operating in 7-Mode versions prior to 8.2.5P2 are susceptible to a vulnerability which discloses sensitive information to an unauthorized user.

  • CVE-2008-3349Jul 28, 2008
    risk 0.00cvss epss 0.03

    Multiple unspecified vulnerabilities in NetApp Data ONTAP, as used on NetApp and IBM eServer platforms, allow remote attackers to execute arbitrary commands, cause a denial of service (system crash), or obtain sensitive information, probably related to insufficient access…

  • CVE-2006-3569Jul 13, 2006
    risk 0.00cvss epss 0.00

    Unspecified vulnerability in NetApp Data ONTAP 7.0x through 7.0.4P8D9, 7.1x, 7.1.0.1x, and 7.2RC1, RC2, and RC3, as used in IBM N series Filers and other products, allows unauthorized users to gain access to privileged commands via unknown vectors, probably related to incorrect…

Page 2 of 2