VYPR

Vendor CVEs

NetApp

All CVEs

362 total · sorted by risk
  • CVE-2019-5491Feb 27, 2019
    risk 0.00cvss epss 0.02

    Clustered Data ONTAP versions prior to 9.1P15 and 9.3 prior to 9.3P7 are susceptible to a vulnerability which discloses sensitive information to an unauthenticated user.

  • CVE-2018-5498Feb 1, 2019
    risk 0.00cvss epss 0.01

    Clustered Data ONTAP versions 9.0 through 9.4 are susceptible to a vulnerability which allows remote authenticated attackers to cause a Denial of Service (DoS) in NFS and SMB environments. Exploitation of this vulnerability will allow a remote authenticated attacker to cause a…

  • CVE-2018-5497Jan 24, 2019
    risk 0.00cvss epss 0.00

    Clustered Data ONTAP versions prior to 9.1P16, 9.3P10 and 9.4P5 are susceptible to a vulnerability which discloses sensitive information to an unauthorized user.

  • CVE-2018-5481Jan 7, 2019
    risk 0.00cvss epss 0.01

    OnCommand Unified Manager for 7-Mode (core package) prior to 5.2.4 uses cookies that lack the secure attribute in certain circumstances making it vulnerable to impersonation via man-in-the-middle (MITM) attacks.

  • CVE-2018-5496Dec 4, 2018
    risk 0.00cvss epss 0.00

    Data ONTAP operating in 7-Mode versions prior to 8.2.5P2 are susceptible to a vulnerability which discloses sensitive information to an unauthorized user.

  • CVE-2018-5495Nov 14, 2018
    risk 0.00cvss epss 0.02

    All StorageGRID Webscale versions are susceptible to a vulnerability which could permit an unauthenticated attacker to communicate with systems on the same network as the StorageGRID Webscale Admin Node via HTTP or to take over services on the Admin Node.

  • CVE-2014-9354Feb 6, 2015
    risk 0.00cvss epss 0.01

    NetApp OnCommand Balance before 4.2P3 allows local users to obtain sensitive information via unspecified vectors related to cleartext storage.

  • CVE-2014-9353Feb 6, 2015
    risk 0.00cvss epss 0.03

    NetApp OnCommand Balance before 4.2P2 contains a "default privileged account," which allows remote attackers to gain privileges via unspecified vectors.

  • CVE-2008-3349Jul 28, 2008
    risk 0.00cvss epss 0.03

    Multiple unspecified vulnerabilities in NetApp Data ONTAP, as used on NetApp and IBM eServer platforms, allow remote attackers to execute arbitrary commands, cause a denial of service (system crash), or obtain sensitive information, probably related to insufficient access…

  • CVE-2007-2379Apr 30, 2007
    risk 0.00cvss epss 0.03

    The jQuery framework exchanges data using JavaScript Object Notation (JSON) without an associated protection scheme, which allows remote attackers to obtain the data via a web page that retrieves the data through a URL in the SRC attribute of a SCRIPT element and captures the…

  • CVE-2006-3569Jul 13, 2006
    risk 0.00cvss epss 0.00

    Unspecified vulnerability in NetApp Data ONTAP 7.0x through 7.0.4P8D9, 7.1x, 7.1.0.1x, and 7.2RC1, RC2, and RC3, as used in IBM N series Filers and other products, allows unauthorized users to gain access to privileged commands via unknown vectors, probably related to incorrect…

  • CVE-1999-0472Apr 7, 1999
    risk 0.00cvss epss 0.02

    The SNMP default community name "public" is not properly removed in NetApps C630 Netcache, even if the administrator tries to disable it.

Page 8 of 8