Filtered by vendor Netapp
Subscriptions
Total
2499 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-27219 | 6 Broadcom, Debian, Fedoraproject and 3 more | 15 Brocade Fabric Operating System Firmware, Debian Linux, Fedora and 12 more | 2024-11-21 | 7.5 High |
| An issue was discovered in GNOME GLib before 2.66.6 and 2.67.x before 2.67.3. The function g_bytes_new has an integer overflow on 64-bit platforms due to an implicit cast from 64 bits to 32 bits. The overflow could potentially lead to memory corruption. | ||||
| CVE-2021-27218 | 6 Broadcom, Debian, Fedoraproject and 3 more | 8 Brocade Fabric Operating System Firmware, Debian Linux, Fedora and 5 more | 2024-11-21 | 7.5 High |
| An issue was discovered in GNOME GLib before 2.66.7 and 2.67.x before 2.67.4. If g_byte_array_new_take() was called with a buffer of 4GB or more on a 64-bit platform, the length would be truncated modulo 2**32, causing unintended length truncation. | ||||
| CVE-2021-27007 | 1 Netapp | 1 Virtual Desktop Service | 2024-11-21 | 9.8 Critical |
| NetApp Virtual Desktop Service (VDS) when used with an HTML5 gateway is susceptible to a vulnerability which when successfully exploited could allow an unauthenticated attacker to takeover a Remote Desktop Session. | ||||
| CVE-2021-27006 | 1 Netapp | 1 Storagegrid | 2024-11-21 | 4.4 Medium |
| StorageGRID (formerly StorageGRID Webscale) versions 11.5 prior to 11.5.0.5 are susceptible to a vulnerability which may allow an administrative user to escalate their privileges and modify settings in SANtricity System Manager. | ||||
| CVE-2021-27005 | 1 Netapp | 1 Ontap System Manager | 2024-11-21 | 7.5 High |
| Clustered Data ONTAP versions 9.6 and higher prior to 9.6P16, 9.7P16, 9.8P7 and 9.9.1P3 are susceptible to a vulnerability which could allow a remote attacker to cause a crash of the httpd server. | ||||
| CVE-2021-27004 | 1 Netapp | 1 Ontap System Manager | 2024-11-21 | 5.5 Medium |
| System Manager 9.x versions 9.7 and higher prior to 9.7P16, 9.8P7 and 9.9.1P2 are susceptible to a vulnerability which could allow a local attacker to discover plaintext iSCSI CHAP credentials. | ||||
| CVE-2021-27003 | 1 Netapp | 1 Clustered Data Ontap | 2024-11-21 | 4.7 Medium |
| Clustered Data ONTAP versions prior to 9.5P18, 9.6P15, 9.7P14, 9.8P5 and 9.9.1 are missing an X-Frame-Options header which could allow a clickjacking attack. | ||||
| CVE-2021-27002 | 1 Netapp | 1 Cloud Manager | 2024-11-21 | 7.5 High |
| NetApp Cloud Manager versions prior to 3.9.10 are susceptible to a vulnerability which could allow a remote unauthenticated attacker to retrieve sensitive data via the web proxy. | ||||
| CVE-2021-27001 | 1 Netapp | 1 Clustered Data Ontap | 2024-11-21 | 5.5 Medium |
| Clustered Data ONTAP versions 9.x prior to 9.5P18, 9.6P16, 9.7P16, 9.8P7 and 9.9.1P2 are susceptible to a vulnerability which could allow an authenticated privileged local attacker to arbitrarily modify Compliance-mode WORM data prior to the end of the retention period. | ||||
| CVE-2021-26999 | 1 Netapp | 1 Cloud Manager | 2024-11-21 | 4.3 Medium |
| NetApp Cloud Manager versions prior to 3.9.9 log sensitive information when an Active Directory connection fails. The logged information is available only to authenticated users. Customers with auto-upgrade enabled should already be on a fixed version while customers using on-prem connectors with auto-upgrade disabled are advised to upgrade to a fixed version. | ||||
| CVE-2021-26998 | 1 Netapp | 1 Cloud Manager | 2024-11-21 | 4.3 Medium |
| NetApp Cloud Manager versions prior to 3.9.9 log sensitive information that is available only to authenticated users. Customers with auto-upgrade enabled should already be on a fixed version while customers using on-prem connectors with auto-upgrade disabled are advised to upgrade to a fixed version. | ||||
| CVE-2021-26997 | 1 Netapp | 1 E-series Santricity Os Controller | 2024-11-21 | 6.5 Medium |
| E-Series SANtricity OS Controller Software 11.x versions prior to 11.70.1 are susceptible to a vulnerability which when successfully exploited could allow a remote attacker to discover information via error messaging which may aid in crafting more complex attacks. | ||||
| CVE-2021-26996 | 1 Netapp | 1 E-series Santricity Os Controller | 2024-11-21 | 7.5 High |
| E-Series SANtricity OS Controller Software 11.x versions prior to 11.70.1 are susceptible to a vulnerability which when successfully exploited could allow a remote attacker to discover system configuration and application information which may aid in crafting more complex attacks. | ||||
| CVE-2021-26995 | 1 Netapp | 1 E-series Santricity Os Controller | 2024-11-21 | 8.8 High |
| E-Series SANtricity OS Controller Software 11.x versions prior to 11.70.1 are susceptible to a vulnerability which when successfully exploited could allow privileged attackers to execute arbitrary code. | ||||
| CVE-2021-26994 | 1 Netapp | 1 Clustered Data Ontap | 2024-11-21 | 6.5 Medium |
| Clustered Data ONTAP versions prior to 9.7P13 and 9.8P3 are susceptible to a vulnerability which could allow single workloads to cause a Denial of Service (DoS) on a cluster node. | ||||
| CVE-2021-26993 | 1 Netapp | 1 E-series Santricity Os Controller | 2024-11-21 | 5.3 Medium |
| E-Series SANtricity OS Controller Software 11.x versions prior to 11.70.1 are susceptible to a vulnerability which when successfully exploited could allow a remote attacker to cause a partial Denial of Service (DoS) to the web server. | ||||
| CVE-2021-26992 | 1 Netapp | 1 Cloud Manager | 2024-11-21 | 7.5 High |
| Cloud Manager versions prior to 3.9.4 are susceptible to a vulnerability which could allow a remote attacker to cause a Denial of Service (DoS). | ||||
| CVE-2021-26991 | 1 Netapp | 1 Cloud Manager | 2024-11-21 | 7.5 High |
| Cloud Manager versions prior to 3.9.4 contain an insecure Cross-Origin Resource Sharing (CORS) policy which could allow a remote attacker to interact with Cloud Manager. | ||||
| CVE-2021-26990 | 1 Netapp | 1 Cloud Manager | 2024-11-21 | 9.1 Critical |
| Cloud Manager versions prior to 3.9.4 are susceptible to a vulnerability that could allow a remote attacker to overwrite arbitrary system files. | ||||
| CVE-2021-26989 | 1 Netapp | 1 Data Ontap | 2024-11-21 | 6.5 Medium |
| Clustered Data ONTAP versions prior to 9.3P21, 9.5P16, 9.6P12, 9.7P9 and 9.8 are susceptible to a vulnerability which could allow a remote authenticated attacker to cause a Denial of Service (DoS) on clustered Data ONTAP configured for SMB access. | ||||