Fabric-attached Storage A400 Firmware Security Vulnerabilities and Issues — Fabric-attached Storage A400 Firmware CVE List

Lucene search

NetappFabric-attached Storage A400 Firmware

8 matches found

CVE•added 2022/05/03 4:15 p.m.•1124 views

CVE-2022-1292

The c_rehash script does not properly sanitise shell metacharacters to prevent command injection. This script is distributed by some operating systems in a manner where it is automatically executed. On such operating systems, an attacker could execute arbitrary commands with the privileges of the s...

10CVSS9AI score0.6768EPSS

CVE•added 2020/04/17 4:15 a.m.•624 views

CVE-2020-11868

ntpd in ntp before 4.2.8p14 and 4.3.x before 4.3.100 allows an off-path attacker to block unauthenticated synchronization via a server mode packet with a spoofed source IP address, because transmissions are rescheduled even when a packet lacks a valid origin timestamp.

7.5CVSS7.3AI score0.00597EPSS

CVE•added 2021/12/25 2:15 a.m.•314 views

CVE-2021-45485

In the IPv6 implementation in the Linux kernel before 5.13.3, net/ipv6/output_core.c has an information leak because of certain use of a hash table which, although big, doesn't properly consider that IPv6-based attackers can typically choose among many IPv6 source addresses.

7.5CVSS7.2AI score0.00512EPSS

CVE•added 2020/11/23 9:15 p.m.•281 views

CVE-2020-15436

Use-after-free vulnerability in fs/block_dev.c in the Linux kernel before 5.8 allows local users to gain privileges or cause a denial of service by leveraging improper access to a certain error field.

7.2CVSS6.9AI score0.00115EPSS

CVE•added 2022/05/03 4:15 p.m.•214 views

CVE-2022-1473

The OPENSSL_LH_flush() function, which empties a hash table, contains a bug that breaks reuse of the memory occuppied by the removed hash table entries. This function is used when decoding certificates or keys. If a long lived process periodically decodes certificates or keys its memory usage will ...

7.5CVSS8.2AI score0.00238EPSS

CVE•added 2022/05/03 4:15 p.m.•182 views

CVE-2022-1343

The function OCSP_basic_verify verifies the signer certificate on an OCSP response. In the case where the (non-default) flag OCSP_NOCHECKS is used then the response will be positive (meaning a successful verification) even in the case where the response signing certificate fails to verify. It is an...

5.3CVSS7AI score0.00127EPSS

CVE•added 2022/05/03 4:15 p.m.•169 views

CVE-2022-1434

The OpenSSL 3.0 implementation of the RC4-MD5 ciphersuite incorrectly uses the AAD data as the MAC key. This makes the MAC key trivially predictable. An attacker could exploit this issue by performing a man-in-the-middle attack to modify data being sent from one endpoint to an OpenSSL 3.0 recipient...

5.9CVSS7.3AI score0.00059EPSS

CVE•added 2021/06/07 8:15 p.m.•103 views

CVE-2019-25045

An issue was discovered in the Linux kernel before 5.0.19. The XFRM subsystem has a use-after-free, related to an xfrm_state_fini panic, aka CID-dbb2483b2a46.

7.8CVSS7AI score0.00139EPSS