Clustered Data Ontap

clustered_data_ontap

Vendor: Netapp • 187 CVEs

CVEs (187)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2019-5611 2Freebsd Netapp 2Clustered Data Ontap Freebsd Nov 21, 2024 Aug 30, 2019 N/A· v4 7.5 HIGH· v3 7.8 HIGH· v2 In FreeBSD 12.0-STABLE before r350828, 12.0-RELEASE before 12.0-RELEASE-p10, 11.3-STABLE before r350829, 11.3-RELEASE before 11.3-RELEASE-p3, and 11.2-RELEASE before 11.2-RELEASE-p14, a missing check in the function to a...Show more In FreeBSD 12.0-STABLE before r350828, 12.0-RELEASE before 12.0-RELEASE-p10, 11.3-STABLE before r350829, 11.3-RELEASE before 11.3-RELEASE-p3, and 11.2-RELEASE before 11.2-RELEASE-p14, a missing check in the function to arrange data in a chain of mbufs could cause data returned not to be contiguous. Extra checks in the IPv6 stack could catch the error condition and trigger a kernel panic, leading to a remote denial of service.Show less
CVE-2019-5610 2Freebsd Netapp 2Clustered Data Ontap Freebsd Nov 21, 2024 Aug 30, 2019 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 In FreeBSD 12.0-STABLE before r350637, 12.0-RELEASE before 12.0-RELEASE-p9, 11.3-STABLE before r350638, 11.3-RELEASE before 11.3-RELEASE-p2, and 11.2-RELEASE before 11.2-RELEASE-p13, the bsnmp library is not properly val...Show more In FreeBSD 12.0-STABLE before r350637, 12.0-RELEASE before 12.0-RELEASE-p9, 11.3-STABLE before r350638, 11.3-RELEASE before 11.3-RELEASE-p2, and 11.2-RELEASE before 11.2-RELEASE-p13, the bsnmp library is not properly validating the submitted length from a type-length-value encoding. A remote user could cause an out-of-bounds read or trigger a crash of the software such as bsnmpd resulting in a denial of service.Show less
CVE-2019-5608 2Freebsd Netapp 2Clustered Data Ontap Freebsd Nov 21, 2024 Aug 30, 2019 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 In FreeBSD 12.0-STABLE before r350648, 12.0-RELEASE before 12.0-RELEASE-p9, 11.3-STABLE before r350650, 11.3-RELEASE before 11.3-RELEASE-p2, and 11.2-RELEASE before 11.2-RELEASE-p13, the ICMPv6 input path incorrectly han...Show more In FreeBSD 12.0-STABLE before r350648, 12.0-RELEASE before 12.0-RELEASE-p9, 11.3-STABLE before r350650, 11.3-RELEASE before 11.3-RELEASE-p2, and 11.2-RELEASE before 11.2-RELEASE-p13, the ICMPv6 input path incorrectly handles cases where an MLDv2 listener query packet is internally fragmented across multiple mbufs. A remote attacker may be able to cause an out-of-bounds read or write that may cause the kernel to attempt to access an unmapped page and subsequently panic.Show less
CVE-2019-9517 12Apache AppleCanonical+9 more 23Clustered Data Ontap Communications Element ManagerDebian Linux+20 more Jan 14, 2025 Aug 13, 2019 N/A· v4 7.5 HIGH· v3 7.8 HIGH· v2 Some HTTP/2 implementations are vulnerable to unconstrained interal data buffering, potentially leading to a denial of service. The attacker opens the HTTP/2 window so the peer can send without constraint; however, they...Show more Some HTTP/2 implementations are vulnerable to unconstrained interal data buffering, potentially leading to a denial of service. The attacker opens the HTTP/2 window so the peer can send without constraint; however, they leave the TCP window closed so the peer cannot actually write (many of) the bytes on the wire. The attacker then sends a stream of requests for a large response object. Depending on how the servers queue the responses, this can consume excess memory, CPU, or both.Show less
CVE-2019-5497 1Netapp 2Aff A700s Firmware Clustered Data Ontap Nov 21, 2024 Jul 1, 2019 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 NetApp AFF A700s Baseboard Management Controller (BMC) firmware versions 1.22 and higher were shipped with a default account enabled that could allow unauthorized arbitrary command execution.
CVE-2019-13118 7Apple CanonicalFedoraproject+4 more 25Active Iq Unified Manager Cloud BackupClustered Data Ontap+22 more May 28, 2026 Jul 1, 2019 N/A· v4 5.3 MEDIUM· v3 5.0 MEDIUM· v2 In numbers.c in libxslt 1.1.33, a type holding grouping characters of an xsl:number instruction was too narrow and an invalid character/length combination could be passed to xsltNumberFormatDecimal, leading to a read of...Show more In numbers.c in libxslt 1.1.33, a type holding grouping characters of an xsl:number instruction was too narrow and an invalid character/length combination could be passed to xsltNumberFormatDecimal, leading to a read of uninitialized stack data.Show less
CVE-2019-8936 5Fedoraproject HpeNetapp+2 more 6Clustered Data Ontap Data OntapFedora+3 more Nov 21, 2024 May 15, 2019 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 NTP through 4.2.8p12 has a NULL Pointer Dereference.
CVE-2019-0217 8Apache CanonicalDebian+5 more 14Clustered Data Ontap Debian LinuxEnterprise Linux+11 more Nov 21, 2024 Apr 8, 2019 N/A· v4 7.5 HIGH· v3 6.0 MEDIUM· v2 In Apache HTTP Server 2.4 release 2.4.38 and prior, a race condition in mod_auth_digest when running in a threaded server could allow a user with valid credentials to authenticate using another username, bypassing config...Show more In Apache HTTP Server 2.4 release 2.4.38 and prior, a race condition in mod_auth_digest when running in a threaded server could allow a user with valid credentials to authenticate using another username, bypassing configured access control restrictions.Show less
CVE-2019-5491 1Netapp 1Clustered Data Ontap Nov 21, 2024 Feb 27, 2019 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 Clustered Data ONTAP versions prior to 9.1P15 and 9.3 prior to 9.3P7 are susceptible to a vulnerability which discloses sensitive information to an unauthenticated user.
CVE-2019-3823 5Canonical DebianHaxx+2 more 7Clustered Data Ontap Communications Operations MonitorDebian Linux+4 more Nov 21, 2024 Feb 6, 2019 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 libcurl versions from 7.34.0 to before 7.64.0 are vulnerable to a heap out-of-bounds read in the code handling the end-of-response for SMTP. If the buffer passed to `smtp_endofresp()` isn't NUL terminated and contains no...Show more libcurl versions from 7.34.0 to before 7.64.0 are vulnerable to a heap out-of-bounds read in the code handling the end-of-response for SMTP. If the buffer passed to `smtp_endofresp()` isn't NUL terminated and contains no character ending the parsed number, and `len` is set to 5, then the `strtol()` call reads beyond the allocated buffer. The read contents will not be returned to the caller.Show less
CVE-2019-3822 7Canonical DebianHaxx+4 more 16Active Iq Unified Manager Clustered Data OntapCommunications Operations Monitor+13 more Nov 21, 2024 Feb 6, 2019 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 libcurl versions from 7.36.0 to before 7.64.0 are vulnerable to a stack-based buffer overflow. The function creating an outgoing NTLM type-3 header (`lib/vauth/ntlm.c:Curl_auth_create_ntlm_type3_message()`), generates th...Show more libcurl versions from 7.36.0 to before 7.64.0 are vulnerable to a stack-based buffer overflow. The function creating an outgoing NTLM type-3 header (`lib/vauth/ntlm.c:Curl_auth_create_ntlm_type3_message()`), generates the request HTTP header contents based on previously received data. The check that exists to prevent the local buffer from getting overflowed is implemented wrongly (using unsigned math) and as such it does not prevent the overflow from happening. This output data can grow larger than the local buffer if very large 'nt response' data is extracted from a previous NTLMv2 header provided by the malicious or broken HTTP server. Such a 'large value' needs to be around 1000 bytes or more. The actual payload data copied to the target buffer comes from the NTLMv2 type-2 response header.Show less
CVE-2018-16890 8Canonical DebianF5+5 more 10Big Ip Access Policy Manager Clustered Data OntapCommunications Operations Monitor+7 more Nov 21, 2024 Feb 6, 2019 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 libcurl versions from 7.36.0 to before 7.64.0 is vulnerable to a heap buffer out-of-bounds read. The function handling incoming NTLM type-2 messages (`lib/vauth/ntlm.c:ntlm_decode_type2_target`) does not validate incomin...Show more libcurl versions from 7.36.0 to before 7.64.0 is vulnerable to a heap buffer out-of-bounds read. The function handling incoming NTLM type-2 messages (`lib/vauth/ntlm.c:ntlm_decode_type2_target`) does not validate incoming data correctly and is subject to an integer overflow vulnerability. Using that overflow, a malicious or broken NTLM server could trick libcurl to accept a bad length + offset combination that would lead to a buffer read out-of-bounds.Show less
CVE-2018-5498 1Netapp 1Clustered Data Ontap Nov 21, 2024 Feb 1, 2019 N/A· v4 4.4 MEDIUM· v3 3.5 LOW· v2 Clustered Data ONTAP versions 9.0 through 9.4 are susceptible to a vulnerability which allows remote authenticated attackers to cause a Denial of Service (DoS) in NFS and SMB environments. Exploitation of this vulnerabil...Show more Clustered Data ONTAP versions 9.0 through 9.4 are susceptible to a vulnerability which allows remote authenticated attackers to cause a Denial of Service (DoS) in NFS and SMB environments. Exploitation of this vulnerability will allow a remote authenticated attacker to cause a Denial of Service (DoS) on affected versions of clustered Data ONTAP configured for multiprotocol access.Show less
CVE-2018-5497 1Netapp 1Clustered Data Ontap Nov 21, 2024 Jan 24, 2019 N/A· v4 4.4 MEDIUM· v3 2.1 LOW· v2 Clustered Data ONTAP versions prior to 9.1P16, 9.3P10 and 9.4P5 are susceptible to a vulnerability which discloses sensitive information to an unauthorized user.
CVE-2018-15473 7Canonical DebianNetapp+4 more 22Aff Baseboard Management Controller Cloud BackupClustered Data Ontap+19 more Dec 17, 2025 Aug 17, 2018 N/A· v4 5.3 MEDIUM· v3 5.0 MEDIUM· v2 OpenSSH through 7.7 is prone to a user enumeration vulnerability due to not delaying bailout for an invalid authenticating user until after the packet containing the request has been fully parsed, related to auth2-gss.c,...Show more OpenSSH through 7.7 is prone to a user enumeration vulnerability due to not delaying bailout for an invalid authenticating user until after the packet containing the request has been fully parsed, related to auth2-gss.c, auth2-hostbased.c, and auth2-pubkey.c.Show less
CVE-2018-5490 1Netapp 1Clustered Data Ontap Nov 21, 2024 Aug 3, 2018 N/A· v4 8.8 HIGH· v3 6.5 MEDIUM· v2 Read-Only export policy rules are not correctly enforced in Clustered Data ONTAP 8.3 Release Candidate versions and therefore may allow more than "read-only" access from authenticated SMBv2 and SMBv3 clients. This behavi...Show more Read-Only export policy rules are not correctly enforced in Clustered Data ONTAP 8.3 Release Candidate versions and therefore may allow more than "read-only" access from authenticated SMBv2 and SMBv3 clients. This behavior has been resolved in the GA release. Customers running prior release candidates (RCs) are requested to update their systems to the NetApp Data ONTAP 8.3 GA release.Show less
CVE-2018-1312 5Apache CanonicalDebian+2 more 13Cloud Backup Clustered Data OntapDebian Linux+10 more Nov 21, 2024 Mar 26, 2018 N/A· v4 9.8 CRITICAL· v3 6.8 MEDIUM· v2 In Apache httpd 2.2.0 to 2.4.29, when generating an HTTP Digest authentication challenge, the nonce sent to prevent reply attacks was not correctly generated using a pseudo-random seed. In a cluster of servers using a co...Show more In Apache httpd 2.2.0 to 2.4.29, when generating an HTTP Digest authentication challenge, the nonce sent to prevent reply attacks was not correctly generated using a pseudo-random seed. In a cluster of servers using a common Digest authentication configuration, HTTP requests could be replayed across servers by an attacker without detection.Show less
CVE-2018-1303 4Apache CanonicalDebian+1 more 7Clustered Data Ontap Debian LinuxHttp Server+4 more Nov 21, 2024 Mar 26, 2018 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 A specially crafted HTTP request header could have crashed the Apache HTTP Server prior to version 2.4.30 due to an out of bound read while preparing data to be cached in shared memory. It could be used as a Denial of Se...Show more A specially crafted HTTP request header could have crashed the Apache HTTP Server prior to version 2.4.30 due to an out of bound read while preparing data to be cached in shared memory. It could be used as a Denial of Service attack against users of mod_cache_socache. The vulnerability is considered as low risk since mod_cache_socache is not widely used, mod_cache_disk is not concerned by this vulnerability.Show less
CVE-2018-1302 3Apache CanonicalNetapp 6Clustered Data Ontap Http ServerSantricity Cloud Connector+3 more Nov 21, 2024 Mar 26, 2018 N/A· v4 5.9 MEDIUM· v3 4.3 MEDIUM· v2 When an HTTP/2 stream was destroyed after being handled, the Apache HTTP Server prior to version 2.4.30 could have written a NULL pointer potentially to an already freed memory. The memory pools maintained by the server...Show more When an HTTP/2 stream was destroyed after being handled, the Apache HTTP Server prior to version 2.4.30 could have written a NULL pointer potentially to an already freed memory. The memory pools maintained by the server make this vulnerability hard to trigger in usual configurations, the reporter and the team could not reproduce it outside debug builds, so it is classified as low risk.Show less
CVE-2018-1301 5Apache CanonicalDebian+2 more 8Clustered Data Ontap Debian LinuxEnterprise Linux+5 more Nov 21, 2024 Mar 26, 2018 N/A· v4 5.9 MEDIUM· v3 4.3 MEDIUM· v2 A specially crafted request could have crashed the Apache HTTP Server prior to version 2.4.30, due to an out of bound access after a size limit is reached by reading the HTTP header. This vulnerability is considered very...Show more A specially crafted request could have crashed the Apache HTTP Server prior to version 2.4.30, due to an out of bound access after a size limit is reached by reading the HTTP header. This vulnerability is considered very hard if not impossible to trigger in non-debug mode (both log and build level), so it is classified as low risk for common server usage.Show less

Previous 1...678 9 10 Next