Netapp

Clustered Data Ontap

144 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.8

CVE-2019-9517

  • EPSS 4.56%
  • Veröffentlicht 13.08.2019 21:15:12
  • Zuletzt bearbeitet 14.01.2025 19:29:55

Some HTTP/2 implementations are vulnerable to unconstrained interal data buffering, potentially leading to a denial of service. The attacker opens the HTTP/2 window so the peer can send without constraint; however, they leave the TCP window closed so...

5.3

CVE-2019-13118

  • EPSS 1.21%
  • Veröffentlicht 01.07.2019 02:15:09
  • Zuletzt bearbeitet 21.11.2024 04:24:13

In numbers.c in libxslt 1.1.33, a type holding grouping characters of an xsl:number instruction was too narrow and an invalid character/length combination could be passed to xsltNumberFormatDecimal, leading to a read of uninitialized stack data.

7.5

CVE-2019-5491

  • EPSS 0.52%
  • Veröffentlicht 27.02.2019 17:29:00
  • Zuletzt bearbeitet 21.11.2024 04:45:02

Clustered Data ONTAP versions prior to 9.1P15 and 9.3 prior to 9.3P7 are susceptible to a vulnerability which discloses sensitive information to an unauthenticated user.

9.8

CVE-2019-3822

Exploit
  • EPSS 26.44%
  • Veröffentlicht 06.02.2019 20:29:00
  • Zuletzt bearbeitet 21.11.2024 04:42:36

libcurl versions from 7.36.0 to before 7.64.0 are vulnerable to a stack-based buffer overflow. The function creating an outgoing NTLM type-3 header (`lib/vauth/ntlm.c:Curl_auth_create_ntlm_type3_message()`), generates the request HTTP header contents...

4.4

CVE-2018-5498

  • EPSS 0.51%
  • Veröffentlicht 01.02.2019 16:29:00
  • Zuletzt bearbeitet 21.11.2024 04:08:55

Clustered Data ONTAP versions 9.0 through 9.4 are susceptible to a vulnerability which allows remote authenticated attackers to cause a Denial of Service (DoS) in NFS and SMB environments. Exploitation of this vulnerability will allow a remote authen...

4.4

CVE-2018-5497

  • EPSS 0.15%
  • Veröffentlicht 24.01.2019 20:29:00
  • Zuletzt bearbeitet 21.11.2024 04:08:55

Clustered Data ONTAP versions prior to 9.1P16, 9.3P10 and 9.4P5 are susceptible to a vulnerability which discloses sensitive information to an unauthorized user.

8.8

CVE-2018-5490

  • EPSS 0.32%
  • Veröffentlicht 03.08.2018 19:29:00
  • Zuletzt bearbeitet 21.11.2024 04:08:54

Read-Only export policy rules are not correctly enforced in Clustered Data ONTAP 8.3 Release Candidate versions and therefore may allow more than "read-only" access from authenticated SMBv2 and SMBv3 clients. This behavior has been resolved in the GA...

5.9

CVE-2018-1302

  • EPSS 8.12%
  • Veröffentlicht 26.03.2018 15:29:00
  • Zuletzt bearbeitet 21.11.2024 03:59:34

When an HTTP/2 stream was destroyed after being handled, the Apache HTTP Server prior to version 2.4.30 could have written a NULL pointer potentially to an already freed memory. The memory pools maintained by the server make this vulnerability hard t...

6.5

CVE-2017-14583

  • EPSS 0.3%
  • Veröffentlicht 18.12.2017 14:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

NetApp Clustered Data ONTAP versions 9.x prior to 9.1P10 and 9.2P2 are susceptible to a vulnerability which allows an attacker to cause a Denial of Service (DoS) in SMB environments.

5.7

CVE-2017-5201

  • EPSS 0.12%
  • Veröffentlicht 10.11.2017 02:29:19
  • Zuletzt bearbeitet 20.04.2025 01:37:25

NetApp Clustered Data ONTAP before 8.3.2P8 and 9.0 before P2 allow remote authenticated users to obtain sensitive cluster and tenant information via unspecified vectors, a different vulnerability than CVE-2016-3064.