Vulnerabilidades em NetApp
68 resultadosCVE-2018-5482—NetApp SnapCenter Server prior to 4.1 does not set the secure flag for a sensitive cookie in an HTTPS session which can allow the transmissiEPSS 0.9%CVE-2018-5490—Read-Only export policy rules are not correctly enforced in Clustered Data ONTAP 8.3 Release Candidate versions and therefore may allow moreEPSS 0.9%CVE-2018-5489—NetApp 7-Mode Transition Tool allows users with valid credentials to access functions and information which may have been intended to be resEPSS 0.8%CVE-2019-17273—E-Series SANtricity OS Controller Software version 11.60.0 is susceptible to a vulnerability which allows an attacker to cause a Denial of SEPSS 0.7%CVE-2019-5494—OnCommand Unified Manager 7-Mode prior to version 5.2.4 shipped without certain HTTP Security headers configured which could allow an attackEPSS 0.7%CVE-2019-5496—Oncommand Insight versions prior to 7.3.5 shipped without certain HTTP Security headers configured which could allow an attacker to obtain sEPSS 0.7%CVE-2023-27318MEDIUMDenial of Service Vulnerability in StorageGRID (formerly StorageGRID Webscale) EPSS 0.7%CVE-2019-5503—OnCommand Workflow Automation versions prior to 5.0 shipped without certain HTTP Security headers configured which could allow an attacker tEPSS 0.7%CVE-2017-15515—NetApp SnapCenter Server prior to 4.0 is susceptible to cross site scripting vulnerability that could allow a privileged user to inject arbiEPSS 0.7%CVE-2018-5481—OnCommand Unified Manager for 7-Mode (core package) prior to 5.2.4 uses cookies that lack the secure attribute in certain circumstances makiEPSS 0.6%CVE-2023-27314HIGHDenial of Service Vulnerability in ONTAP 9EPSS 0.6%CVE-2025-26512CRITICALCVE-2025-26512 Privilege Escalation Vulnerability in SnapCenterEPSS 0.6%CVE-2019-17274—NetApp FAS 8300/8700 and AFF A400 Baseboard Management Controller (BMC) firmware versions 13.x prior to 13.1P1 were shipped with a default aEPSS 0.6%CVE-2017-15516—NetApp SnapCenter Server versions 1.1 through 2.x are susceptible to a Cross-Site Request Forgery (CSRF) vulnerability which could be used tEPSS 0.6%CVE-2025-26511HIGHCassandra-Lucene-Index allows bypass of Cassandra RBACEPSS 0.5%CVE-2024-21983MEDIUMDenial of Service Vulnerability in StorageGRID (formerly StorageGRID Webscale) EPSS 0.5%CVE-2023-27313HIGHPrivilege Escalation Vulnerability in SnapCenterEPSS 0.5%CVE-2024-21989HIGHPrivilege Escalation Vulnerability in ONTAP Select Deploy administration utilityEPSS 0.4%CVE-2018-5485—NetApp OnCommand Unified Manager for Windows versions 7.2 through 7.3 are susceptible to a vulnerability which could lead to a privilege escEPSS 0.4%CVE-2018-5486—NetApp OnCommand Unified Manager for Linux versions 7.2 though 7.3 ship with the Java Debug Wire Protocol (JDWP) enabled which allows unauthEPSS 0.4%