Clustered Data Ontap@9.0 Security Vulnerabilities and Issues — Clustered Data Ontap@9.0 CVE List

Lucene search

NetappClustered Data Ontap9.0

14 matches found

CVE•added 2024/07/01 7:15 p.m.•6122 views

CVE-2024-38476

Vulnerability in core of Apache HTTP Server 2.4.59 and earlier are vulnerably to information disclosure, SSRF or local script execution via backend applications whose response headers are malicious or exploitable. Users are recommended to upgrade to version 2.4.60, which fixes this issue.

9.8CVSS6.2AI score0.01393EPSS

CVE•added 2024/07/01 7:15 p.m.•2002 views

CVE-2024-38474

Substitution encoding issue in mod_rewrite in Apache HTTP Server 2.4.59 and earlier allows attacker to execute scripts indirectories permitted by the configuration but not directly reachable by any URL or source disclosure of scripts meant to only to be executed as CGI. Users are recommended to upg...

9.8CVSS9.8AI score0.0068EPSS

CVE•added 2024/07/01 7:15 p.m.•1066 views

CVE-2024-38477

null pointer dereference in mod_proxy in Apache HTTP Server 2.4.59 and earlier allows an attacker to crash the server via a malicious request.Users are recommended to upgrade to version 2.4.60, which fixes this issue.

7.5CVSS8.7AI score0.01465EPSS

CVE•added 2023/02/23 8:15 p.m.•505 views

CVE-2023-23914

A cleartext transmission of sensitive information vulnerability exists in curl

9.1CVSS8.8AI score0.00109EPSS

CVE•added 2023/02/23 8:15 p.m.•436 views

CVE-2023-23915

A cleartext transmission of sensitive information vulnerability exists in curl

6.5CVSS6.2AI score0.0003EPSS

CVE•added 2023/08/07 7:15 p.m.•376 views

CVE-2023-36054

lib/kadm5/kadm_rpc_xdr.c in MIT Kerberos 5 (aka krb5) before 1.20.2 and 1.21.x before 1.21.1 frees an uninitialized pointer. A remote authenticated user can trigger a kadmind crash. This occurs because _xdr_kadm5_principal_ent_rec does not validate the relationship between n_key_data and the key_da...

6.5CVSS6.5AI score0.00704EPSS

CVE•added 2023/03/30 8:15 p.m.•205 views

CVE-2023-27533

A vulnerability in input validation exists in curl

8.8CVSS8.8AI score0.00098EPSS

CVE•added 2023/03/30 8:15 p.m.•183 views

CVE-2023-27538

An authentication bypass vulnerability exists in libcurl prior to v8.0.0 where it reuses a previously established SSH connection despite the fact that an SSH option was modified, which should have prevented reuse. libcurl maintains a pool of previously used connections to reuse them for subsequent ...

7.7CVSS7.1AI score0.00007EPSS

CVE•added 2023/07/17 9:15 p.m.•173 views

CVE-2023-38403

iperf3 before 3.14 allows peers to cause an integer overflow and heap corruption via a crafted length field.

7.5CVSS7.6AI score0.01253EPSS

CVE•added 2023/03/30 8:15 p.m.•107 views

CVE-2023-27537

A double free vulnerability exists in libcurl

5.9CVSS5.7AI score0.00053EPSS

CVE•added 2023/08/01 11:15 p.m.•57 views

CVE-2023-3107

A set of carefully crafted ipv6 packets can trigger an integer overflow in the calculation of a fragment reassembled packet's payload length field. This allows an attacker to trigger a kernel panic, resulting in a denial of service.

7.5CVSS7.3AI score0.00163EPSS

CVE•added 2017/07/17 9:29 p.m.•42 views

CVE-2017-7947

NetApp Clustered Data ONTAP before 8.3.2P11, 9.0 before P4, and 9.1 before P5 allow attackers to obtain sensitive password information by leveraging logging of passwords entered non-interactively on the command line.

6.5CVSS6.5AI score0.0029EPSS

CVE•added 2017/11/10 2:29 a.m.•41 views

CVE-2017-5201

NetApp Clustered Data ONTAP before 8.3.2P8 and 9.0 before P2 allow remote authenticated users to obtain sensitive cluster and tenant information via unspecified vectors, a different vulnerability than CVE-2016-3064.

5.7CVSS5.5AI score0.00253EPSS

CVE•added 2017/04/10 3:59 p.m.•37 views

CVE-2017-5988

NetApp Clustered Data ONTAP 8.1 through 9.1P1, when NFS or SMB is enabled, allows remote attackers to cause a denial of service via unspecified vectors.

7.5CVSS7.4AI score0.00598EPSS