Data Ontap Security Vulnerabilities and Issues — Data Ontap CVE List

Lucene search

NetappData Ontap

14 matches found

CVE•added 2017/08/07 8:29 p.m.•299 views

CVE-2015-7871

Crypto-NAK packets in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to bypass authentication.

9.8CVSS9.3AI score0.84001EPSS

CVE•added 2017/08/07 8:29 p.m.•215 views

CVE-2015-7853

The datalen parameter in the refclock driver in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to execute arbitrary code or cause a denial of service (crash) via a negative input value.

9.8CVSS9.5AI score0.12761EPSS

CVE•added 2017/08/07 8:29 p.m.•207 views

CVE-2015-7705

The rate limiting feature in NTP 4.x before 4.2.8p4 and 4.3.x before 4.3.77 allows remote attackers to have unspecified impact via a large number of crafted requests.

9.8CVSS9.4AI score0.25676EPSS

CVE•added 2017/08/07 8:29 p.m.•183 views

CVE-2015-7704

The ntpd client in NTP 4.x before 4.2.8p4 and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service via a number of crafted "KOD" messages.

7.5CVSS8.2AI score0.57035EPSS

CVE•added 2017/08/07 8:29 p.m.•168 views

CVE-2015-7701

Memory leak in the CRYPTO_ASSOC function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (memory consumption).

7.5CVSS8.2AI score0.06317EPSS

CVE•added 2017/08/07 8:29 p.m.•167 views

CVE-2015-7691

The crypto_xmit function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (crash) via crafted packets containing particular autokey operations. NOTE: This vulnerability exists due to an incomplete fix for CVE-2014-9750.

7.5CVSS7.8AI score0.11502EPSS

CVE•added 2017/08/07 8:29 p.m.•154 views

CVE-2015-7692

The crypto_xmit function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (crash). NOTE: This vulnerability exists due to an incomplete fix for CVE-2014-9750.

7.5CVSS7.9AI score0.11502EPSS

CVE•added 2017/08/07 8:29 p.m.•152 views

CVE-2015-7855

The decodenetnum function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (assertion failure) via a 6 or mode 7 packet containing a long data value.

6.5CVSS7.4AI score0.48405EPSS

CVE•added 2017/08/07 8:29 p.m.•151 views

CVE-2015-7702

6.5CVSS7.9AI score0.11502EPSS

CVE•added 2017/08/07 8:29 p.m.•147 views

CVE-2015-7850

ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote authenticated users to cause a denial of service (infinite loop or crash) by pointing the key file at the log file.

6.5CVSS7.2AI score0.026EPSS

CVE•added 2017/08/07 8:29 p.m.•135 views

CVE-2015-7852

ntpq in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (crash) via crafted mode 6 response packets.

5.9CVSS7.1AI score0.0317EPSS

CVE•added 2017/08/07 8:29 p.m.•104 views

CVE-2015-7849

Use-after-free vulnerability in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote authenticated users to possibly execute arbitrary code or cause a denial of service (crash) via crafted packets.

8.8CVSS9.1AI score0.04365EPSS

CVE•added 2017/08/07 8:29 p.m.•97 views

CVE-2015-7854

Buffer overflow in the password management functionality in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote authenticated users to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted key file.

8.8CVSS9.3AI score0.03557EPSS

CVE•added 2017/08/18 4:29 p.m.•49 views

CVE-2017-12859

NetApp Data ONTAP before 8.2.5, when operating in 7-Mode in NFS environments, allows remote attackers to cause a denial of service via unspecified vectors.

5.9CVSS5.6AI score0.00585EPSS