NetApp Clustered Data ONTAP 8.3

CPE Details

NetApp Clustered Data ONTAP 8.3
netapp
clustered_data_ontap
8.3
2019-04-08
14h28 +00:00
2021-06-24
16h00 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:o:netapp:clustered_data_ontap:8.3:*:*:*:*:*:*:*

Informations

Vendor

netapp

Product

clustered_data_ontap

Version

8.3

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2021-27003 2021-10-12
15h57 +00:00		 Clustered Data ONTAP versions prior to 9.5P18, 9.6P15, 9.7P14, 9.8P5 and 9.9.1 are missing an X-Frame-Options header which could allow a clickjacking attack.
4.7
Medium
CVE-2021-26994 2021-06-04
08h56 +00:00		 Clustered Data ONTAP versions prior to 9.7P13 and 9.8P3 are susceptible to a vulnerability which could allow single workloads to cause a Denial of Service (DoS) on a cluster node.
6.5
Medium
CVE-2019-10092 2019-09-26
12h07 +00:00		 In Apache HTTP Server 2.4.0-2.4.39, a limited cross-site scripting issue was reported affecting the mod_proxy error page. An attacker could cause the link on the error page to be malformed and instead point to a page of their choice. This would only be exploitable where a server was set up with proxying enabled but was misconfigured in such a way that the Proxy Error page was displayed.
6.1
Medium
CVE-2019-8936 2019-05-15
13h37 +00:00		 NTP through 4.2.8p12 has a NULL Pointer Dereference.
7.5
High
CVE-2019-5490 2019-03-21
17h25 +00:00		 Certain versions between 2.x to 5.x (refer to advisory) of the NetApp Service Processor firmware were shipped with a default account enabled that could allow unauthorized arbitrary command execution. Any platform listed in the advisory Impact section may be affected and should be upgraded to a fixed version of Service Processor firmware IMMEDIATELY.
9.8
Critical
CVE-2018-16890 2019-02-06
19h00 +00:00		 libcurl versions from 7.36.0 to before 7.64.0 is vulnerable to a heap buffer out-of-bounds read. The function handling incoming NTLM type-2 messages (`lib/vauth/ntlm.c:ntlm_decode_type2_target`) does not validate incoming data correctly and is subject to an integer overflow vulnerability. Using that overflow, a malicious or broken NTLM server could trick libcurl to accept a bad length + offset combination that would lead to a buffer read out-of-bounds.
7.5
High
CVE-2019-3823 2019-02-06
19h00 +00:00		 libcurl versions from 7.34.0 to before 7.64.0 are vulnerable to a heap out-of-bounds read in the code handling the end-of-response for SMTP. If the buffer passed to `smtp_endofresp()` isn't NUL terminated and contains no character ending the parsed number, and `len` is set to 5, then the `strtol()` call reads beyond the allocated buffer. The read contents will not be returned to the caller.
7.5
High