CVE-2023-27311

CVE-2023-27311 affects NetApp Blue XP Connector before version 3.9.25. The vulnerability arises from information being exposed via directory listings due to the legacy connector architecture. The documented remediation is to redeploy a fresh Connector with the new architecture (3.9.25+). No explo...

PT-2023-21060 · Netapp · Netapp Blue Xp Connector

Name of the Vulnerable Software and Affected Versions: NetApp Blue XP Connector versions prior to 3.9.25 Description: The issue exposes information via a directory listing. A new Connector architecture resolves this problem. Recommendations: For versions prior to 3.9.25, redeploy a fresh Connecto...

CVE-2023-27311

NetApp Blue XP Connector versions prior to 3.9.25 expose information via a directory listing. A new Connector architecture resolves this issue - obtaining the fix requires redeploying a fresh Connector...

Vulnerability fixed in Netapp SnapCenter

Netapp has fixed a vulnerability in SnapCenter. A unauthenticated malicious party could exploit the vulnerability to gain access to the backup environment with administrator privileges. This allows the malicious party to gain access to sensitive information, manipulate data or cause a...

NetApp SnapCenter 安全漏洞

NetApp SnapCenter is a suite of applications from Network Appliance NetApp that provides the ability to back up, verify, clone, and restore NetApp storage systems. A security vulnerability exists in NetApp SnapCenter version 4.7 up to and including version 4.7P2 and version 4.8 up to and includin...

Security Bulletin: Vulnerabilites in OpenSSL may affect IBM Spectrum Protect Backup-Archive Client NetApp Services (CVE-2022-4304, CVE-2023-0215, CVE-2023-0286)

Summary IBM Spectrum Protect Backup-Archive Client's use of NetApp Services can be affected by vulnerabilities in OpenSSL. Vulnerabilities include disclosure of sensitive information and denial of service, as described by the CVEs in the "Vulnerability Details" section. Vulnerability Details...

NetApp StorageGRID 安全漏洞

NetApp StorageGRID is an object storage solution from NetApp. A security vulnerability exists in NetApp StorageGRID versions prior to 11.6.0.8, which stems from susceptibility to a denial-of-service DoS vulnerability that can be exploited by an attacker to cause the Local Distribution Router LDR...

NetApp Active IQ Unified Manager 跨站脚本漏洞

NetApp Active IQ Unified Manager is an ONTAP storage product monitoring and management solution from Network Appliance NetApp. The product supports features such as performance monitoring and secret key management. A security vulnerability exists in Active IQ Unified Manager. An attacker exploite...

Active IQ Unified Manager 安全漏洞

NetApp Active IQ Unified Manager is an ONTAP storage product monitoring and management solution from Network Appliance NetApp. The product supports features such as performance monitoring and secret key management. A security vulnerability exists in Active IQ Unified Manager. An attacker exploite...

SUSE CVE-2008-0960

SNMPv3 HMAC verification in 1 Net-SNMP 5.2.x before 5.2.4.1, 5.3.x before 5.3.2.1, and 5.4.x before 5.4.1.1; 2 UCD-SNMP; 3 eCos; 4 Juniper Session and Resource Control SRC C-series 1.0.0 through 2.0.0; 5 NetApp aka Network Appliance Data ONTAP 7.3RC1 and 7.3RC2; 6 SNMP Research before 16.2; 7...

OnCommand Insight 授权问题漏洞

NetApp Oncommand Insight is a suite of hybrid cloud data center management software from Network Appliance NetApp. The software provides features such as monitoring and managing multi-vendor IT infrastructures, optimizing storage resource management, and more. A security vulnerability exists in...

Vulnerabilities fixed in NetApp Clustered Data ONTAP

NetApp has fixed several vulnerabilities in Clustered Data ONTAP. The vulnerabilities are in underlying libraries such as libcurl, libexpat and libxml2. The vulnerabilities allow a malicious party to cause a denial-of-service, gain access to sensitive data and/or manipulate it. NetApp has release...

Netapp Clustered Data ONTAP 安全漏洞

Netapp Clustered Data ONTAP is a storage operating system for clustered mode from Network Apparatus of America Netapp. A security vulnerability exists in Netapp Clustered Data ONTAP versions 9.11.1 through 9.11.1P2. An attacker could exploit the vulnerability to arbitrarily modify or delete WORM...

NetApp SnapCenter 安全漏洞

NetApp SnapCenter is a suite of applications from Network Appliance NetApp that provides the ability to back up, verify, clone, and restore NetApp storage systems. A security vulnerability exists in NetApp SnapCenter versions prior to 4.7 that stems from a failure to implement a content security...

NetApp SnapCenter 路径遍历漏洞

NetApp SnapCenter is a suite of applications from Network Appliance NetApp that provides the ability to back up, verify, clone, and restore NetApp storage systems. A security vulnerability exists in NetApp SnapCenter. An attacker exploited the vulnerability to gain access to data in order to read...

Netapp Active IQ Unified Manager 信息泄露漏洞

Netapp Active IQ Unified Manager is an ONTAP storage product monitoring and management solution from Network Appliance Netapp. The product supports features such as performance monitoring and secret key management. A security vulnerability exists in Netapp Active IQ Unified Manager versions prior...

Netapp StorageGRID 安全漏洞

Netapp StorageGRID is a suite of object storage solutions from Network Appliance Netapp USA. A security vulnerability exists in StorageGRID formerly StorageGRID Webscale versions 11.6.0 through 11.6.0.2. A remote attacker could exploit the vulnerability to view limited metrics information and...

Security Bulletin: Denial of Service vulnerability in OpenSSL may affect IBM Spectrum Protect Backup-Archive Client (CVE-2022-0778)

Summary OpenSSL vulnerabilities were disclosed on March 15, 2022 by the OpenSSL Project. OpenSSL, used by the IBM Spectrum Protect Backup-Archive Client for network connections with NetApp services, has addressed the applicable CVE. Vulnerability Details CVEID: CVE-2022-0778 DESCRIPTION: OpenSSL ...

Malicious code in azure-arm-netapp-samples-ts (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 35155379d89f767e850b2e2611d66275b1450141c15b851110af50c10448013f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2022-1263 Malicious code in azure-arm-netapp-samples-ts (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 35155379d89f767e850b2e2611d66275b1450141c15b851110af50c10448013f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...