netapp

2,510 tracked vulnerabilities.

CVE-2017-7657 CRITICAL
Eclipse Jetty <9.2.x, 9.3.x - Buffer Overflow
Jun 26, 2018
CVSS 9.8
EPSS 0.07
CVE-2017-7568 MEDIUM
NetApp OnCommand Unified Manager for 7-Mode <5.2.3 - Info Disclosure
Jun 22, 2018
CVSS 5.3
EPSS 0.01
CVE-2017-15715 HIGH NUCLEI
Apache httpd <=2.4.29 - Arbitrary File Upload
Mar 26, 2018
CVSS 8.1
EPSS 0.94
CVE-2017-15710 HIGH
Apache HTTP Server 2.0.23-2.0.65, 2.2.0-2.2.34, 2.4.0-2.4.29 - Out-of-bounds Write in mod_authnz_ldap
Mar 26, 2018
CVSS 7.5
EPSS 0.12
CVE-2017-15519 HIGH
SnapCenter 2.0-3.0.1 - Unauthenticated Data Access and Modification via Plug-in for NAS File Services
Mar 06, 2018
CVSS 7.2
EPSS 0.00
CVE-2017-15518 HIGH
NetApp OnCommand API Services < 2.1 & Service Level Manager < 1.0RC4 - Sensitive Info Exposure
Feb 23, 2018
CVSS 7.8
EPSS 0.00
CVE-2017-7525 CRITICAL
jackson-databind <2.6.7.1, <2.7.9.1, <2.8.9 - Code Injection
Feb 06, 2018
CVSS 9.8
EPSS 0.82
CVE-2017-15095 CRITICAL
jackson-databind <2.8.10, 2.9.1 - Code Injection
Feb 06, 2018
CVSS 9.8
EPSS 0.08
CVE-2017-1784 MEDIUM
IBM Cognos Analytics 11.0 - Exposure of Sensitive Information in Temporary Files
Jan 29, 2018
CVSS 5.5
EPSS 0.00
CVE-2017-1783 MEDIUM
IBM Cognos Analytics 11.0 - Improper Authentication
Jan 29, 2018
CVSS 4.0
EPSS 0.00
CVE-2017-1779 HIGH
IBM Cognos Analytics 11.0 - Insufficiently Protected Credentials
Jan 29, 2018
CVSS 7.8
EPSS 0.00
CVE-2017-17485 CRITICAL
jackson-databind < 2.6.7.3, 2.9.0-2.9.3 - Unauthenticated Remote Code Execution via Malicious JSON Input
Jan 10, 2018
CVSS 9.8
EPSS 0.85
CVE-2017-5753 MEDIUM
Intel Atom - Information Disclosure via Speculative Execution Side-Channel
Jan 04, 2018
CVSS 5.6
EPSS 0.94
CVE-2017-5715 MEDIUM
Intel Atom C/E/X3 - Information Disclosure via Speculative Execution Side-Channel
Jan 04, 2018
CVSS 5.6
EPSS 0.89
CVE-2017-14583 MEDIUM
NetApp Clustered Data ONTAP <9.1P10,9.2P2 - DoS
Dec 18, 2017
CVSS 6.5
EPSS 0.00
CVE-2017-15707 MEDIUM
Apache Struts 2.5-2.5.14 - Denial of Service via Malicious JSON Payload
Dec 01, 2017
CVSS 6.2
EPSS 0.02
CVE-2017-15517 MEDIUM
NetApp AltaVault OST Plug-in < 1.2.2 - Exposure of Sensitive Information
Nov 17, 2017
CVSS 5.5
EPSS 0.00
CVE-2017-15516 HIGH
NetApp SnapCenter Server 1.1-2.x - Cross-Site Request Forgery
Nov 16, 2017
CVSS 8.8
EPSS 0.00
CVE-2017-5201 MEDIUM
NetApp Clustered Data ONTAP <8.3.2P8 & 9.0 <P2 - Info Disclosure
Nov 10, 2017
CVSS 5.7
EPSS 0.00
CVE-2017-11461 MEDIUM
NetApp OnCommand Unified Manager - CSRF
Nov 10, 2017
CVSS 4.3
EPSS 0.00
CVE-2017-16642 HIGH
PHP <5.6.32, 7.x <7.0.25, 7.1.x <7.1.11 - Info Disclosure
Nov 07, 2017
CVSS 7.5
EPSS 0.08
CVE-2017-15906 MEDIUM
OpenSSH < 7.6 - Unauthenticated Arbitrary File Creation in Readonly Mode
Oct 26, 2017
CVSS 5.3
EPSS 0.03
CVE-2017-10388 HIGH
Oracle JDK and JRE - Remote Code Execution via Kerberos
Oct 19, 2017
CVSS 7.5
EPSS 0.01
CVE-2017-10384 MEDIUM
Oracle MySQL Server < 5.5.57 - Authenticated Denial of Service via DDL Subcomponent
Oct 19, 2017
CVSS 6.5
EPSS 0.01
CVE-2017-10379 MEDIUM
MySQL < 5.5.57, 5.6.37, 5.7.19 - Authenticated Unauthorized Data Access via Client Programs
Oct 19, 2017
CVSS 6.5
EPSS 0.00
Products
oncommand_insight 971 active_iq_unified_manager 848 oncommand_workflow_automation 743 snapcenter 575 cloud_backup 345 h700s_firmware 289 h300s_firmware 288 h410s_firmware 288 h500s_firmware 288 e-series_santricity_os_controller 242 h410c_firmware 236 steelstore_cloud_integrated_storage 211 solidfire 192 clustered_data_ontap 187 hci_management_node 182 snapmanager 180 ontap_select_deploy_administration_utility 179 oncommand_unified_manager 169 h700e_firmware 149 h300e_firmware 148 h500e_firmware 148 e-series_santricity_storage_manager 140 storage_automation_store 113 solidfire_\&_hci_management_node 103 element_software 100 e-series_santricity_web_services 99 oncommand_balance 83 santricity_unified_manager 77 7-mode_transition_tool 75 oncommand_performance_manager 73
Quick Filters
Critical CVEs With Exploits In CISA KEV