VYPR

SANtricity OS Controller Software

by NetApp

CVEs (7)

  • CVE-2021-26995HigJun 11, 2021
    risk 0.57cvss 8.8epss 0.01

    E-Series SANtricity OS Controller Software 11.x versions prior to 11.70.1 are susceptible to a vulnerability which when successfully exploited could allow privileged attackers to execute arbitrary code.

  • CVE-2021-26996HigJun 11, 2021
    risk 0.49cvss 7.5epss 0.01

    E-Series SANtricity OS Controller Software 11.x versions prior to 11.70.1 are susceptible to a vulnerability which when successfully exploited could allow a remote attacker to discover system configuration and application information which may aid in crafting more complex…

  • CVE-2020-8580HigNov 6, 2020
    risk 0.49cvss 7.5epss 0.01

    SANtricity OS Controller Software versions 11.30 and higher are susceptible to a vulnerability which allows an unauthenticated attacker with access to the system to cause a Denial of Service (DoS).

  • CVE-2022-23237MedJun 2, 2022
    risk 0.40cvss 6.1epss 0.01

    E-Series SANtricity OS Controller Software 11.x versions through 11.70.2 are vulnerable to host header injection attacks that could allow an attacker to redirect users to malicious websites.

  • CVE-2020-8577MedNov 6, 2020
    risk 0.38cvss 5.9epss 0.01

    SANtricity OS Controller Software versions 11.50.1 and higher are susceptible to a vulnerability which could allow an attacker to discover sensitive information by intercepting its transmission within an https session.

  • CVE-2021-26993MedJun 11, 2021
    risk 0.35cvss 5.3epss 0.01

    E-Series SANtricity OS Controller Software 11.x versions prior to 11.70.1 are susceptible to a vulnerability which when successfully exploited could allow a remote attacker to cause a partial Denial of Service (DoS) to the web server.

  • CVE-2022-23236MedJun 2, 2022
    risk 0.29cvss 4.4epss 0.00

    E-Series SANtricity OS Controller Software versions 11.40 through 11.70.2 store the LDAP BIND password in plaintext within a file accessible only to privileged users.