VYPR

Clustered Data Ontap

by NetApp

CVEs (78)

  • CVE-2021-27005Nov 1, 2021
    risk 0.00cvss epss 0.01

    Clustered Data ONTAP versions 9.6 and higher prior to 9.6P16, 9.7P16, 9.8P7 and 9.9.1P3 are susceptible to a vulnerability which could allow a remote attacker to cause a crash of the httpd server.

  • CVE-2021-27001Oct 19, 2021
    risk 0.00cvss epss 0.00

    Clustered Data ONTAP versions 9.x prior to 9.5P18, 9.6P16, 9.7P16, 9.8P7 and 9.9.1P2 are susceptible to a vulnerability which could allow an authenticated privileged local attacker to arbitrarily modify Compliance-mode WORM data prior to the end of the retention period.

  • CVE-2021-27003Oct 12, 2021
    risk 0.00cvss epss 0.01

    Clustered Data ONTAP versions prior to 9.5P18, 9.6P15, 9.7P14, 9.8P5 and 9.9.1 are missing an X-Frame-Options header which could allow a clickjacking attack.

  • CVE-2021-26994Jun 4, 2021
    risk 0.00cvss epss 0.01

    Clustered Data ONTAP versions prior to 9.7P13 and 9.8P3 are susceptible to a vulnerability which could allow single workloads to cause a Denial of Service (DoS) on a cluster node.

  • CVE-2021-26989Mar 4, 2021
    risk 0.00cvss epss 0.01

    Clustered Data ONTAP versions prior to 9.3P21, 9.5P16, 9.6P12, 9.7P9 and 9.8 are susceptible to a vulnerability which could allow a remote authenticated attacker to cause a Denial of Service (DoS) on clustered Data ONTAP configured for SMB access.

  • CVE-2021-26988Mar 4, 2021
    risk 0.00cvss epss 0.00

    Clustered Data ONTAP versions prior to 9.3P21, 9.5P16, 9.6P12, 9.7P8 and 9.8 are susceptible to a vulnerability which could allow unauthorized tenant users to discover information related to converting a 7-Mode directory to Cluster-mode such as Storage Virtual Machine (SVM)…

  • CVE-2020-8590Feb 8, 2021
    risk 0.00cvss epss 0.00

    Clustered Data ONTAP versions prior to 9.1P18 and 9.3P12 are susceptible to a vulnerability which could allow an attacker to discover node names via AutoSupport bundles even when the –remove-private-data parameter is set to true.

  • CVE-2020-8578Feb 8, 2021
    risk 0.00cvss epss 0.00

    Clustered Data ONTAP versions prior to 9.3P20 are susceptible to a vulnerability which could allow an attacker to discover node names via AutoSupport bundles even when the –remove-private-data parameter is set to true.

  • CVE-2020-8589Feb 3, 2021
    risk 0.00cvss epss 0.01

    Clustered Data ONTAP versions prior to 9.3P20 and 9.5P15 are susceptible to a vulnerability which could allow unauthorized tenant users to discover the names of other Storage Virtual Machines (SVMs) and filenames on those SVMs.

  • CVE-2020-8588Feb 3, 2021
    risk 0.00cvss epss 0.01

    Clustered Data ONTAP versions prior to 9.3P20 and 9.5P15 are susceptible to a vulnerability which could allow unauthorized tenant users to discover the existence of data on other Storage Virtual Machines (SVMs).

  • CVE-2020-8581Jan 19, 2021
    risk 0.00cvss epss 0.01

    Clustered Data ONTAP versions prior to 9.3P20 and 9.5 are susceptible to a vulnerability which could allow an authenticated but unauthorized attacker to overwrite arbitrary data when VMware vStorage support is enabled.

  • CVE-2020-8579Oct 27, 2020
    risk 0.00cvss epss 0.01

    Clustered Data ONTAP versions 9.7 through 9.7P7 are susceptible to a vulnerability which allows an attacker with access to an intercluster LIF to cause a Denial of Service (DoS).

  • CVE-2020-8576Sep 2, 2020
    risk 0.00cvss epss 0.01

    Clustered Data ONTAP versions prior to 9.3P19, 9.5P14, 9.6P9 and 9.7 are susceptible to a vulnerability which when successfully exploited could lead to addition or modification of data or disclosure of sensitive information.

  • CVE-2019-5508Oct 25, 2019
    risk 0.00cvss epss 0.01

    Clustered Data ONTAP versions 9.2 through 9.4 are susceptible to a vulnerability which allows an attacker to use l2ping to cause a Denial of Service (DoS).

  • CVE-2019-5506Oct 9, 2019
    risk 0.00cvss epss 0.01

    Clustered Data ONTAP versions 9.0 and higher do not enforce hostname verification under certain circumstances making them susceptible to impersonation via man-in-the-middle attacks.

  • CVE-2019-5491Feb 27, 2019
    risk 0.00cvss epss 0.02

    Clustered Data ONTAP versions prior to 9.1P15 and 9.3 prior to 9.3P7 are susceptible to a vulnerability which discloses sensitive information to an unauthenticated user.

  • CVE-2018-5498Feb 1, 2019
    risk 0.00cvss epss 0.01

    Clustered Data ONTAP versions 9.0 through 9.4 are susceptible to a vulnerability which allows remote authenticated attackers to cause a Denial of Service (DoS) in NFS and SMB environments. Exploitation of this vulnerability will allow a remote authenticated attacker to cause a…

  • CVE-2018-5497Jan 24, 2019
    risk 0.00cvss epss 0.00

    Clustered Data ONTAP versions prior to 9.1P16, 9.3P10 and 9.4P5 are susceptible to a vulnerability which discloses sensitive information to an unauthorized user.

Page 4 of 4