Netapp StorageGRID 安全漏洞

Netapp StorageGRID is an object storage solution from NetApp USA.NetApp StorageGRID has a security vulnerability that could be exploited by an attacker to escalate its privileges and modify settings in SANtricity System Manager...

Exploit for Uncontrolled Resource Consumption in Siemens 6Bk1602-0Aa12-0Tp0_Firmware

CVE-2021-44228-Advisories Please open Issues to include an adv...

Security Bulletin: Vulnerabilities in OpenSSL affect IBM Spectrum Protect Backup-Archive Client NetApp Services (CVE-2021-3712, CVE-2021-3711)

Summary OpenSSL vulnerabilities were disclosed on August 24, 2021 by the OpenSSL Project. OpenSSL, used by the IBM Spectrum Protect Backup-Archive Client for network connections with NetApp services, has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2021-3712 DESCRIPTION: OpenSS...

Clustered Data ONTAP Denial of Service Vulnerability

Clustered Data ONTAP is a proprietary operating system used by NetApp for storage disk arrays.A denial-of-service vulnerability exists in Clustered Data ONTAP. An attacker could exploit this vulnerability to cause the httpd server to crash...

Vulnerability fixed in NetApp ONTAP

A vulnerability has been fixed in NetApp ONTAP. The vulnerability allows a malicious party to cause a denial-of-service cause with respect to the HTTP server in ONTAP. NetApp categorizes this vulnerability according to the CVSSv3 method with a score of 5.3. NetApp has released updates to fix the...

Netapp Clustered Data ONTAP 资源管理错误漏洞

Clustered Data ONTAP is a proprietary operating system used by NetApp for storage disk arrays.A denial-of-service vulnerability exists in Clustered Data ONTAP. An attacker could exploit this vulnerability to cause the httpd server to crash...

Clustered Data ONTAP 安全漏洞

Netapp Clustered Data ONTAP is a storage operating system for clustered mode from the US-based Netapp. A security vulnerability exists in Clustered Data ONTAP that could allow a local attacker to discover plain text iSCSI CHAP credentials. The following products and versions are affected: System...

Netapp Clustered Data ONTAP 安全漏洞

Netapp Clustered Data ONTAP is a storage operating system for clustered mode from the US company Netapp. A security vulnerability exists in Clustered Data ONTAP 9.x prior to 9.5P18, 9.6P16, 9.7P16, 9.8P7 and 9.9.1P2, which allows an authenticated, local attacker to arbitrarily modify...

Clustered Data ONTAP Clickjacking Vulnerability

Clustered Data ONTAP is NetApp's proprietary operating system for storage disk arrays. A clickjacking vulnerability exists in Clustered Data ONTAP versions 9.5P18, 9.6P15, 9.7P14, 9.8P5, and prior to 9.9.1. The vulnerability stems from the lack of an X-Frame-Options header in the product. An...

NetApp Clustered Data ONTAP X-Frame-Options Header Vulnerability - Lenovo Support US

No description provided...

CVE-2021-27002

NetApp Cloud Manager versions prior to 3.9.10 are susceptible to a vulnerability which could allow a remote unauthenticated attacker to retrieve sensitive data via the web proxy...

CVE-2021-27002

NetApp Cloud Manager versions prior to 3.9.10 are susceptible to a vulnerability which could allow a remote unauthenticated attacker to retrieve sensitive data via the web proxy...

Code injection

NetApp Cloud Manager versions prior to 3.9.10 are susceptible to a vulnerability which could allow a remote unauthenticated attacker to retrieve sensitive data via the web proxy...

CVE-2021-27002

CVE-2021-27002 affects NetApp Cloud Manager prior to 3.9.10. Affected component: the web proxy/authorization flow. Root cause: improper validation in the proxy allows a remote unauthenticated attacker to retrieve sensitive data. Impact: exposure of sensitive data via the web proxy. Mitigation: up...

CVE-2021-27002

NetApp Cloud Manager versions prior to 3.9.10 are susceptible to a vulnerability which could allow a remote unauthenticated attacker to retrieve sensitive data via the web proxy...

Netapp NetApp Cloud Manager 授权问题漏洞

Netapp NetApp Cloud Manager is an application from Netapp, Inc. which provides centralized orchestration of hybrid cloud storage and data management services. An authorization issue vulnerability exists in NetApp Cloud Manager, which arises from the product not validating the identity of a user...

QNAP Working on Patches for OpenSSL Flaws Affecting its NAS Devices

Network-attached storage NAS appliance maker QNAP said it's currently investigating two recently patched security flaws in OpenSSL to determine their potential impact, adding it will release security updates should its products turn out to be vulnerable. Tracked as CVE-2021-3711 CVSS score: 7.5 a...

QNAP Is Latest to Get Dinged by OpenSSL Bugs Fallout

On Monday, QNAP put out two security advisories about OpenSSL remote-code execution and denial-of-service DoS bugs, fixed last week, that affect its network-attached storage NAS devices. The vulnerabilities are tracked as CVE-2021-3711 – a high-severity buffer overflow related to SM2 decryption–...

Vulnerability fixed in NetApp Clustered Data ONTAP

NetApp has fixed a vulnerability in the BSD sub-layer of Clustered Data ONTAP. The vulnerability is located in the ipv6 impelementation and potentially allows a malicious party to cause a denial-of-service exploit. NetApp has released updates to fix the vulnerability in Clustered Data ONTAP. For...

mysupport.netapp.com Cross Site Scripting vulnerability OBB-2126593

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...