Lucene search
K

7 matches found

CVE
CVE
added 2021/04/01 2:20 p.m.558 views

CVE-2021-28165

The CVE-2021-28165 issue affects Eclipse Jetty versions 7.2.2–9.4.38, 10.0.0.alpha0–10.0.1, and 11.0.0.alpha0–11.0.1, where handling a large invalid TLS frame can cause CPU usage to reach 100%, leading to resource exhaustion. The underlying cause is described as abnormal processing after receivin...

7.8CVSS7.3AI score0.53861EPSS
CVE
CVE
added 2021/08/06 2:19 p.m.96 views

CVE-2021-26998

CVE-2021-26998 affects NetApp Cloud Manager prior to 3.9.9, where a flaw allows sensitive information in logs to be exposed to authenticated users. Public sources consistently identify the affected product and version range and confirm the impact as information disclosure. Remediation per the doc...

4.3CVSS4.3AI score0.00646EPSS
CVE
CVE
added 2021/08/06 2:20 p.m.86 views

CVE-2021-26999

CVE-2021-26999 affects NetApp Cloud Manager prior to 3.9.9, where failing an Active Directory connection causes sensitive information to be logged. The logs are available only to authenticated users. Auto-upgrade customers should already be on a fixed version, while users with on‑prem connectors ...

4.3CVSS4.3AI score0.00646EPSS
CVE
CVE
added 2021/03/19 6:39 p.m.57 views

CVE-2021-26992

CVE-2021-26992 affects NetApp Cloud Manager prior to version 3.9.4. The issue allows a remote attacker to cause a Denial of Service (DoS). Documents consistently indicate Cloud Manager, a centralized system for managing local and cloud storage, is vulnerable if running a version before 3.9.4. The...

7.5CVSS7.4AI score0.01365EPSS
CVE
CVE
added 2021/03/19 6:42 p.m.52 views

CVE-2021-26990

CVE-2021-26990 affects NetApp Cloud Manager. Versions prior to 3.9.4 are susceptible to an arbitrary file overwrite vulnerability that could allow a remote attacker to overwrite arbitrary system files. Root cause: a pre-3.9.4 flaw in Cloud Manager. Impact: potential compromise of file integrity a...

9.4CVSS9AI score0.01542EPSS
CVE
CVE
added 2021/03/19 6:34 p.m.49 views

CVE-2021-26991

NetApp Cloud Manager before version 3.9.4 is affected by CVE-2021-26991 due to an insecure Cross-Origin Resource Sharing (CORS) policy, which could allow a remote attacker to interact with Cloud Manager. Root cause is a misconfigured CORS policy. The public records do not detail specific exploits...

7.5CVSS7.4AI score0.01197EPSS
CVE
CVE
added 2021/10/11 4:37 p.m.43 views

CVE-2021-27002

CVE-2021-27002 affects NetApp Cloud Manager prior to 3.9.10. Affected component: the web proxy/authorization flow. Root cause: improper validation in the proxy allows a remote unauthenticated attacker to retrieve sensitive data. Impact: exposure of sensitive data via the web proxy. Mitigation: up...

7.5CVSS7.5AI score0.01347EPSS