Shodan
Vulnerabilities
Vulnerable Software
Netapp:  Security Vulnerabilities
CVE-2019-14598
Improper Authentication in subsystem in Intel(R) CSME versions 12.0 through 12.0.48 (IOT only: 12.0.56), versions 13.0 through 13.0.20, versions 14.0 through 14.0.10 may allow a privileged user to potentially enable escalation of privilege, denial of service or information disclosure via local access.
CVSS Score
6.7
EPSS Score
0.003
Published
2020-02-13
CVE-2016-5710
NetApp Snap Creator Framework before 4.3P1 allows remote authenticated users to conduct clickjacking attacks via unspecified vectors.
CVSS Score
4.6
EPSS Score
0.001
Published
2020-02-11
CVE-2020-8840
FasterXML jackson-databind 2.0.0 through 2.9.10.2 lacks certain xbean-reflect/JNDI blocking, as demonstrated by org.apache.xbean.propertyeditor.JndiConverter.
CVSS Score
9.8
EPSS Score
0.082
Published
2020-02-10
CVE-2020-8648
There is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the n_tty_receive_buf_common function in drivers/tty/n_tty.c.
CVSS Score
7.1
EPSS Score
0.0
Published
2020-02-06
CVE-2019-9674
Lib/zipfile.py in Python through 3.7.2 allows remote attackers to cause a denial of service (resource consumption) via a ZIP bomb.
CVSS Score
7.5
EPSS Score
0.012
Published
2020-02-04
CVE-2019-20446
In xml.rs in GNOME librsvg before 2.46.2, a crafted SVG file with nested patterns can cause denial of service when passed to the library for processing. The attacker constructs pattern elements so that the number of final rendered objects grows exponentially.
CVSS Score
6.5
EPSS Score
0.009
Published
2020-02-02
CVE-2013-3322
NetApp OnCommand System Manager 2.1 and earlier allows remote attackers to inject arbitrary commands in the Halt/Reboot interface.
CVSS Score
7.2
EPSS Score
0.025
Published
2020-01-31
CVE-2019-17273
E-Series SANtricity OS Controller Software version 11.60.0 is susceptible to a vulnerability which allows an attacker to cause a Denial of Service (DoS) in IPv6 environments.
CVSS Score
6.5
EPSS Score
0.001
Published
2020-01-30
CVE-2013-3320
Cross-site Scripting (XSS) vulnerability in NetApp OnCommand System Manager before 2.2 allows remote attackers to inject arbitrary web script or HTML via the 'full-name' and 'comment' fields.
CVSS Score
6.1
EPSS Score
0.003
Published
2020-01-29
CVE-2013-3321
NetApp OnCommand System Manager 2.1 and earlier allows remote attackers to include arbitrary files through specially crafted requests to the "diagnostic" page using the SnapMirror log path parameter.
CVSS Score
7.5
EPSS Score
0.007
Published
2020-01-29


Products
Pricing
Contact Us

Shodan ® - All rights reserved