Clustered Data Ontap

clustered_data_ontap

Vendor: Netapp • 187 CVEs

CVEs (187)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2015-7704 6Citrix DebianMcafee+3 more 14Clustered Data Ontap Data OntapDebian Linux+11 more May 13, 2026 Aug 7, 2017 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 The ntpd client in NTP 4.x before 4.2.8p4 and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service via a number of crafted "KOD" messages.
CVE-2015-7702 5Debian NetappNtp+2 more 13Clustered Data Ontap Data OntapDebian Linux+10 more May 13, 2026 Aug 7, 2017 N/A· v4 6.5 MEDIUM· v3 4.0 MEDIUM· v2 The crypto_xmit function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (crash). NOTE: This vulnerability exists due to an incomplete fix for CVE-2014-9...Show more The crypto_xmit function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (crash). NOTE: This vulnerability exists due to an incomplete fix for CVE-2014-9750.Show less
CVE-2015-7701 5Debian NetappNtp+2 more 13Clustered Data Ontap Data OntapDebian Linux+10 more May 13, 2026 Aug 7, 2017 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 Memory leak in the CRYPTO_ASSOC function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (memory consumption).
CVE-2015-7692 5Debian NetappNtp+2 more 13Clustered Data Ontap Data OntapDebian Linux+10 more May 13, 2026 Aug 7, 2017 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 The crypto_xmit function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (crash). NOTE: This vulnerability exists due to an incomplete fix for CVE-2014-9...Show more The crypto_xmit function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (crash). NOTE: This vulnerability exists due to an incomplete fix for CVE-2014-9750.Show less
CVE-2015-7691 5Debian NetappNtp+2 more 13Clustered Data Ontap Data OntapDebian Linux+10 more May 13, 2026 Aug 7, 2017 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 The crypto_xmit function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (crash) via crafted packets containing particular autokey operations. NOTE: This...Show more The crypto_xmit function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (crash) via crafted packets containing particular autokey operations. NOTE: This vulnerability exists due to an incomplete fix for CVE-2014-9750.Show less
CVE-2016-8743 4Apache DebianNetapp+1 more 11Clustered Data Ontap Debian LinuxEnterprise Linux Desktop+8 more May 13, 2026 Jul 27, 2017 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 Apache HTTP Server, in all releases prior to 2.2.32 and 2.4.25, was liberal in the whitespace accepted from requests and sent in response lines and headers. Accepting these different behaviors represented a security conc...Show more Apache HTTP Server, in all releases prior to 2.2.32 and 2.4.25, was liberal in the whitespace accepted from requests and sent in response lines and headers. Accepting these different behaviors represented a security concern when httpd participates in any chain of proxies or interacts with back-end application servers, either through mod_proxy or using conventional CGI mechanisms, and may result in request smuggling, response splitting and cache pollution.Show less
CVE-2015-7703 5Debian NetappNtp+2 more 13Clustered Data Ontap Data OntapDebian Linux+10 more May 13, 2026 Jul 24, 2017 N/A· v4 7.5 HIGH· v3 4.3 MEDIUM· v2 The "pidfile" or "driftfile" directives in NTP ntpd 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77, when ntpd is configured to allow remote configuration, allows remote attackers with an IP address that is allowed to send...Show more The "pidfile" or "driftfile" directives in NTP ntpd 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77, when ntpd is configured to allow remote configuration, allows remote attackers with an IP address that is allowed to send configuration requests, and with knowledge of the remote configuration password to write to arbitrary files via the :config command.Show less
CVE-2017-7947 1Netapp 1Clustered Data Ontap May 13, 2026 Jul 17, 2017 N/A· v4 6.5 MEDIUM· v3 5.0 MEDIUM· v2 NetApp Clustered Data ONTAP before 8.3.2P11, 9.0 before P4, and 9.1 before P5 allow attackers to obtain sensitive password information by leveraging logging of passwords entered non-interactively on the command line.
CVE-2017-11147 2Netapp Php 2Clustered Data Ontap Php May 13, 2026 Jul 10, 2017 N/A· v4 9.1 CRITICAL· v3 6.4 MEDIUM· v2 In PHP before 5.6.30 and 7.x before 7.0.15, the PHAR archive handler could be used by attackers supplying malicious archive files to crash the PHP interpreter or potentially disclose information due to a buffer over-read...Show more In PHP before 5.6.30 and 7.x before 7.0.15, the PHAR archive handler could be used by attackers supplying malicious archive files to crash the PHP interpreter or potentially disclose information due to a buffer over-read in the phar_parse_pharfile function in ext/phar/phar.c.Show less
CVE-2016-3997 1Netapp 1Clustered Data Ontap May 13, 2026 Jul 3, 2017 N/A· v4 7.5 HIGH· v3 6.8 MEDIUM· v2 NetApp Clustered Data ONTAP allows man-in-the-middle attackers to obtain sensitive information, gain privileges, or cause a denial of service by leveraging failure to enable SMB signing enforcement in its default state.
CVE-2017-7668 6Apache AppleDebian+3 more 13Clustered Data Ontap Debian LinuxEnterprise Linux Desktop+10 more May 13, 2026 Jun 20, 2017 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 The HTTP strict parsing changes added in Apache httpd 2.2.32 and 2.4.24 introduced a bug in token list parsing, which allows ap_find_token() to search past the end of its input string. By maliciously crafting a sequence...Show more The HTTP strict parsing changes added in Apache httpd 2.2.32 and 2.4.24 introduced a bug in token list parsing, which allows ap_find_token() to search past the end of its input string. By maliciously crafting a sequence of request headers, an attacker may be able to cause a segmentation fault, or to force ap_find_token() to return an incorrect value.Show less
CVE-2017-3167 6Apache AppleDebian+3 more 14Clustered Data Ontap Debian LinuxEnterprise Linux Desktop+11 more May 13, 2026 Jun 20, 2017 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, use of the ap_get_basic_auth_pw() by third-party modules outside of the authentication phase may lead to authentication requirements being bypassed.
CVE-2017-9119 2Netapp Php 3Clustered Data Ontap PhpStorage Automation Store May 13, 2026 May 21, 2017 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 The i_zval_ptr_dtor function in Zend/zend_variables.h in PHP 7.1.5 allows attackers to cause a denial of service (memory consumption and application crash) or possibly have unspecified other impact by triggering crafted...Show more The i_zval_ptr_dtor function in Zend/zend_variables.h in PHP 7.1.5 allows attackers to cause a denial of service (memory consumption and application crash) or possibly have unspecified other impact by triggering crafted operations on array data structures.Show less
CVE-2017-7345 1Netapp 1Clustered Data Ontap May 13, 2026 Apr 10, 2017 N/A· v4 5.3 MEDIUM· v3 5.0 MEDIUM· v2 NetApp OnCommand Performance Manager and OnCommand Unified Manager for Clustered Data ONTAP before 7.1P1 improperly bind the Java Management Extension Remote Method Invocation (aka JMX RMI) service to the network, which...Show more NetApp OnCommand Performance Manager and OnCommand Unified Manager for Clustered Data ONTAP before 7.1P1 improperly bind the Java Management Extension Remote Method Invocation (aka JMX RMI) service to the network, which allows remote attackers to obtain sensitive information via unspecified vectors.Show less
CVE-2017-5988 1Netapp 1Clustered Data Ontap May 13, 2026 Apr 10, 2017 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 NetApp Clustered Data ONTAP 8.1 through 9.1P1, when NFS or SMB is enabled, allows remote attackers to cause a denial of service via unspecified vectors.
CVE-2016-4341 1Netapp 1Clustered Data Ontap May 13, 2026 Feb 7, 2017 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 NetApp Clustered Data ONTAP before 8.3.2P7 allows remote attackers to obtain SMB share information via unspecified vectors.
CVE-2016-2518 7Debian FreebsdNetapp+4 more 17Clustered Data Ontap Communications User Data RepositoryData Ontap+14 more May 13, 2026 Jan 30, 2017 N/A· v4 5.3 MEDIUM· v3 5.0 MEDIUM· v2 The MATCH_ASSOC function in NTP before version 4.2.8p9 and 4.3.x before 4.3.92 allows remote attackers to cause an out-of-bounds reference via an addpeer request with a large hmode value.
CVE-2015-7977 8Canonical DebianFedoraproject+5 more 10Clustered Data Ontap Debian LinuxFedora+7 more May 13, 2026 Jan 30, 2017 N/A· v4 5.9 MEDIUM· v3 4.3 MEDIUM· v2 ntpd in NTP before 4.2.8p6 and 4.3.x before 4.3.90 allows remote attackers to cause a denial of service (NULL pointer dereference) via a ntpdc reslist command.
CVE-2015-7973 5Canonical FreebsdNetapp+2 more 7Clustered Data Ontap FreebsdNtp+4 more May 13, 2026 Jan 30, 2017 N/A· v4 6.5 MEDIUM· v3 5.8 MEDIUM· v2 NTP before 4.2.8p6 and 4.3.x before 4.3.90, when configured in broadcast mode, allows man-in-the-middle attackers to conduct replay attacks by sniffing the network.
CVE-2016-10160 3Debian NetappPhp 3Clustered Data Ontap Debian LinuxPhp May 13, 2026 Jan 24, 2017 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 Off-by-one error in the phar_parse_pharfile function in ext/phar/phar.c in PHP before 5.6.30 and 7.0.x before 7.0.15 allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary...Show more Off-by-one error in the phar_parse_pharfile function in ext/phar/phar.c in PHP before 5.6.30 and 7.0.x before 7.0.15 allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted PHAR archive with an alias mismatch.Show less

Previous 1...6 7 8910 Next