Netapp

Clustered Data Ontap

45 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2024-38477

  • EPSS 0.5%
  • Veröffentlicht 01.07.2024 19:15:05
  • Zuletzt bearbeitet 18.03.2025 19:15:42

null pointer dereference in mod_proxy in Apache HTTP Server 2.4.59 and earlier allows an attacker to crash the server via a malicious request. Users are recommended to upgrade to version 2.4.60, which fixes this issue.

9.8

CVE-2024-38476

  • EPSS 2.89%
  • Veröffentlicht 01.07.2024 19:15:04
  • Zuletzt bearbeitet 02.12.2024 17:36:33

Vulnerability in core of Apache HTTP Server 2.4.59 and earlier are vulnerably to information disclosure, SSRF or local script execution via backend applications whose response headers are malicious or exploitable. Users are recommended to upgrade to...

9.8

CVE-2024-38474

  • EPSS 0.59%
  • Veröffentlicht 01.07.2024 19:15:04
  • Zuletzt bearbeitet 25.03.2025 19:15:43

Substitution encoding issue in mod_rewrite in Apache HTTP Server 2.4.59 and earlier allows attacker to execute scripts in directories permitted by the configuration but not directly reachable by any URL or source disclosure of scripts meant to only t...

6.5

CVE-2024-21982

  • EPSS 0.28%
  • Veröffentlicht 12.01.2024 00:15:45
  • Zuletzt bearbeitet 21.11.2024 08:55:19

ONTAP versions 9.4 and higher are susceptible to a vulnerability which when successfully exploited could lead to disclosure of sensitive information to unprivileged attackers when the object-store profiler command is being run by an administrative...

7.5

CVE-2023-38403

  • EPSS 1.25%
  • Veröffentlicht 17.07.2023 21:15:09
  • Zuletzt bearbeitet 21.11.2024 08:13:29

iperf3 before 3.14 allows peers to cause an integer overflow and heap corruption via a crafted length field.

8.1

CVE-2022-23241

  • EPSS 0.48%
  • Veröffentlicht 19.10.2022 18:15:12
  • Zuletzt bearbeitet 09.05.2025 15:15:50

Clustered Data ONTAP versions 9.11.1 through 9.11.1P2 with SnapLock configured FlexGroups are susceptible to a vulnerability which could allow an authenticated remote attacker to arbitrarily modify or delete WORM data prior to the end of the retentio...

5.5

CVE-2021-27001

  • EPSS 0.06%
  • Veröffentlicht 19.10.2021 15:15:07
  • Zuletzt bearbeitet 21.11.2024 05:57:10

Clustered Data ONTAP versions 9.x prior to 9.5P18, 9.6P16, 9.7P16, 9.8P7 and 9.9.1P2 are susceptible to a vulnerability which could allow an authenticated privileged local attacker to arbitrarily modify Compliance-mode WORM data prior to the end of t...

4.7

CVE-2021-27003

  • EPSS 0.21%
  • Veröffentlicht 12.10.2021 18:15:08
  • Zuletzt bearbeitet 21.11.2024 05:57:10

Clustered Data ONTAP versions prior to 9.5P18, 9.6P15, 9.7P14, 9.8P5 and 9.9.1 are missing an X-Frame-Options header which could allow a clickjacking attack.

6.5

CVE-2021-26994

  • EPSS 0.37%
  • Veröffentlicht 04.06.2021 11:15:07
  • Zuletzt bearbeitet 21.11.2024 05:57:09

Clustered Data ONTAP versions prior to 9.7P13 and 9.8P3 are susceptible to a vulnerability which could allow single workloads to cause a Denial of Service (DoS) on a cluster node.

3.5

CVE-2020-8588

  • EPSS 0.09%
  • Veröffentlicht 03.02.2021 18:15:16
  • Zuletzt bearbeitet 21.11.2024 05:39:04

Clustered Data ONTAP versions prior to 9.3P20 and 9.5P15 are susceptible to a vulnerability which could allow unauthorized tenant users to discover the existence of data on other Storage Virtual Machines (SVMs).