Ontap Select Deploy
by NetApp
CVEs (7)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2016-8610 | Hig | 0.52 | 7.5 | 0.40 | Nov 13, 2017 | A denial of service flaw was found in OpenSSL 0.9.8, 1.0.1, 1.0.2 through 1.0.2h, and 1.1.0 in the way the TLS/SSL protocol defined processing of ALERT packets during a connection handshake. A remote attacker could use this flaw to make a TLS/SSL server consume an excessive… | ||
| CVE-2017-5995 | Hig | 0.49 | 7.5 | 0.02 | Mar 1, 2017 | The NetApp ONTAP Select Deploy administration utility 2.0 through 2.2.1 might allow remote attackers to obtain sensitive information via unspecified vectors. | ||
| CVE-2024-21989 | 0.00 | — | 0.00 | Apr 17, 2024 | ONTAP Select Deploy administration utility versions 9.12.1.x, 9.13.1.x and 9.14.1.x are susceptible to a vulnerability which when successfully exploited could allow a read-only user to escalate their privileges. | |||
| CVE-2019-17272 | 0.00 | — | 0.01 | Nov 21, 2019 | All versions of ONTAP Select Deploy administration utility are susceptible to a vulnerability which when successfully exploited could allow an administrative user to escalate their privileges. | |||
| CVE-2019-5509 | 0.00 | — | 0.02 | Nov 21, 2019 | ONTAP Select Deploy administration utility versions 2.11.2 through 2.12.2 are susceptible to a code injection vulnerability which when successfully exploited could allow an unauthenticated remote attacker to enable and use a privileged user account. | |||
| CVE-2019-5505 | 0.00 | — | 0.01 | Sep 24, 2019 | ONTAP Select Deploy administration utility versions 2.2 through 2.12.1 transmit credentials in plaintext. | |||
| CVE-2019-5504 | 0.00 | — | 0.02 | Sep 24, 2019 | ONTAP Select Deploy administration utility versions 2.12 & 2.12.1 ship with an HTTP service bound to the network allowing unauthenticated remote attackers to perform administrative actions. |
- risk 0.52cvss 7.5epss 0.40
A denial of service flaw was found in OpenSSL 0.9.8, 1.0.1, 1.0.2 through 1.0.2h, and 1.1.0 in the way the TLS/SSL protocol defined processing of ALERT packets during a connection handshake. A remote attacker could use this flaw to make a TLS/SSL server consume an excessive…
- risk 0.49cvss 7.5epss 0.02
The NetApp ONTAP Select Deploy administration utility 2.0 through 2.2.1 might allow remote attackers to obtain sensitive information via unspecified vectors.
- CVE-2024-21989Apr 17, 2024risk 0.00cvss —epss 0.00
ONTAP Select Deploy administration utility versions 9.12.1.x, 9.13.1.x and 9.14.1.x are susceptible to a vulnerability which when successfully exploited could allow a read-only user to escalate their privileges.
- CVE-2019-17272Nov 21, 2019risk 0.00cvss —epss 0.01
All versions of ONTAP Select Deploy administration utility are susceptible to a vulnerability which when successfully exploited could allow an administrative user to escalate their privileges.
- CVE-2019-5509Nov 21, 2019risk 0.00cvss —epss 0.02
ONTAP Select Deploy administration utility versions 2.11.2 through 2.12.2 are susceptible to a code injection vulnerability which when successfully exploited could allow an unauthenticated remote attacker to enable and use a privileged user account.
- CVE-2019-5505Sep 24, 2019risk 0.00cvss —epss 0.01
ONTAP Select Deploy administration utility versions 2.2 through 2.12.1 transmit credentials in plaintext.
- CVE-2019-5504Sep 24, 2019risk 0.00cvss —epss 0.02
ONTAP Select Deploy administration utility versions 2.12 & 2.12.1 ship with an HTTP service bound to the network allowing unauthenticated remote attackers to perform administrative actions.