Filtered by vendor Netapp
Subscriptions
Total
2293 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2016-1894 | 1 Netapp | 1 Oncommand Workflow Automation | 2017-11-16 | N/A |
| NetApp OnCommand Workflow Automation before 3.1P2 allows remote attackers to bypass authentication via unspecified vectors. | ||||
| CVE-2016-1563 | 1 Netapp | 1 Clustered Data Ontap | 2017-11-16 | N/A |
| NetApp Clustered Data ONTAP 8.3.1 does not properly verify X.509 certificates from TLS servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2015-8544 | 1 Netapp | 1 Snapdrive | 2017-11-16 | N/A |
| NetApp SnapDrive for Windows before 7.0.2P4, 7.0.3, and 7.1 before 7.1.3P1 allows remote attackers to obtain sensitive information via unspecified vectors. | ||||
| CVE-2015-8322 | 1 Netapp | 1 Data Ontap | 2017-11-16 | N/A |
| NetApp OnCommand System Manager 8.3.x before 8.3.2 allows remote authenticated users to execute arbitrary code via unspecified vectors. | ||||
| CVE-2015-8020 | 1 Netapp | 1 Clustered Data Ontap | 2017-11-16 | N/A |
| Clustered Data ONTAP versions 8.0, 8.3.1, and 8.3.2 contain a default privileged account which under certain conditions can be used for unauthorized information disclosure. | ||||
| CVE-2015-7886 | 1 Netapp | 1 Data Ontap | 2017-11-16 | N/A |
| NetApp Data ONTAP before 8.2.4P1, when 7-Mode and HTTP access are enabled, allows remote attackers to obtain sensitive volume information via unspecified vectors. | ||||
| CVE-2016-7171 | 1 Netapp | 1 Netapp Plug-in | 2017-11-15 | N/A |
| NetApp Plug-in for Symantec NetBackup prior to version 2.0.1 makes use of a non-unique server certificate, making it vulnerable to impersonation. | ||||
| CVE-2017-7236 | 1 Netapp | 1 Oncommand Unified Manager Core Package | 2017-11-15 | N/A |
| SQL injection vulnerability in NetApp OnCommand Unified Manager Core Package 5.x before 5.2.2P1 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2017-7947 | 1 Netapp | 1 Clustered Data Ontap | 2017-11-15 | N/A |
| NetApp Clustered Data ONTAP before 8.3.2P11, 9.0 before P4, and 9.1 before P5 allow attackers to obtain sensitive password information by leveraging logging of passwords entered non-interactively on the command line. | ||||
| CVE-2017-5988 | 1 Netapp | 1 Clustered Data Ontap | 2017-11-15 | N/A |
| NetApp Clustered Data ONTAP 8.1 through 9.1P1, when NFS or SMB is enabled, allows remote attackers to cause a denial of service via unspecified vectors. | ||||
| CVE-2016-1895 | 1 Netapp | 1 Data Ontap | 2017-11-15 | N/A |
| NetApp Data ONTAP before 8.2.5 and 8.3.x before 8.3.2P12 allow remote authenticated users to cause a denial of service via vectors related to unsafe user input string handling. | ||||
| CVE-2016-6495 | 1 Netapp | 1 Data Ontap | 2017-11-15 | N/A |
| NetApp Data ONTAP before 8.2.4P5, when operating in 7-Mode, allows remote attackers to obtain information about the volumes configured for HTTP access. | ||||
| CVE-2016-6667 | 1 Netapp | 1 Oncommand Unified Manager For Clustered Data Ontap | 2017-11-15 | N/A |
| NetApp OnCommand Unified Manager for Clustered Data ONTAP 6.3 through 6.4P1 contain a default privileged account, which allows remote attackers to execute arbitrary code via unspecified vectors. | ||||
| CVE-2017-12420 | 1 Netapp | 1 Clustered Data Ontap | 2017-11-15 | N/A |
| Heap-based buffer overflow in the SMB implementation in NetApp Clustered Data ONTAP before 8.3.2P8 and 9.0 before P2 allows remote authenticated users to cause a denial of service or execute arbitrary code. | ||||
| CVE-2017-12859 | 1 Netapp | 1 Data Ontap | 2017-11-15 | N/A |
| NetApp Data ONTAP before 8.2.5, when operating in 7-Mode in NFS environments, allows remote attackers to cause a denial of service via unspecified vectors. | ||||
| CVE-2017-7439 | 1 Netapp | 1 Oncommand Unified Manager Core Package | 2017-11-15 | N/A |
| NetApp OnCommand Unified Manager Core Package 5.x before 5.2.2P1 might allow remote attackers to obtain sensitive information via vectors involving error messages. | ||||
| CVE-2017-7345 | 1 Netapp | 1 Clustered Data Ontap | 2017-11-15 | N/A |
| NetApp OnCommand Performance Manager and OnCommand Unified Manager for Clustered Data ONTAP before 7.1P1 improperly bind the Java Management Extension Remote Method Invocation (aka JMX RMI) service to the network, which allows remote attackers to obtain sensitive information via unspecified vectors. | ||||
| CVE-2016-4341 | 1 Netapp | 1 Clustered Data Ontap | 2017-11-15 | N/A |
| NetApp Clustered Data ONTAP before 8.3.2P7 allows remote attackers to obtain SMB share information via unspecified vectors. | ||||
| CVE-2017-14053 | 1 Netapp | 1 Oncommand Unified Manager For Clustered Data Ontap | 2017-11-15 | N/A |
| NetApp OnCommand Unified Manager for Clustered Data ONTAP before 7.2P1 does not set the secure flag for an unspecified cookie in an HTTPS session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an HTTP session. | ||||
| CVE-2016-5045 | 1 Netapp | 1 Oncommand System Manager | 2017-11-15 | N/A |
| NetApp OnCommand System Manager before 9.0 allows remote attackers to obtain sensitive credentials via vectors related to cluster peering setup. | ||||