Netapp: >> Data Ontap >> 7.3.7 Security Vulnerabilities
SMB in Data ONTAP operating in 7-Mode versions prior to 8.2.5P3 has weak cryptography which when exploited could lead to information disclosure or addition or modification of data.
CVSS Score
9.1
EPSS Score
0.002
Published
2019-08-05
Data ONTAP operating in 7-Mode versions prior to 8.2.5P3 are susceptible to a vulnerability which discloses information to an unauthenticated attacker. A successful attack requires that multiple non-default options be enabled.
CVSS Score
7.5
EPSS Score
0.005
Published
2019-08-02
Data ONTAP operating in 7-Mode versions prior to 8.2.5P3 may disclose sensitive LDAP account information to unauthenticated remote attackers.
CVSS Score
7.5
EPSS Score
0.007
Published
2019-08-02
Data ONTAP operating in 7-Mode versions prior to 8.2.5P2 are susceptible to a vulnerability which discloses sensitive information to an unauthorized user.
CVSS Score
4.4
EPSS Score
0.002
Published
2018-12-04
NetApp Data ONTAP before 8.2.5, when operating in 7-Mode in NFS environments, allows remote attackers to cause a denial of service via unspecified vectors.
CVSS Score
5.9
EPSS Score
0.006
Published
2017-08-18
NetApp Data ONTAP before 8.2.4P5, when operating in 7-Mode, allows remote attackers to obtain information about the volumes configured for HTTP access.
CVSS Score
5.9
EPSS Score
0.004
Published
2017-02-07
NetApp Data ONTAP before 8.2.4P1, when 7-Mode and HTTP access are enabled, allows remote attackers to obtain sensitive volume information via unspecified vectors.
CVSS Score
3.7
EPSS Score
0.002
Published
2016-01-18
Multiple unspecified vulnerabilities in NetApp Data ONTAP, as used on NetApp and IBM eServer platforms, allow remote attackers to execute arbitrary commands, cause a denial of service (system crash), or obtain sensitive information, probably related to insufficient access control for HTTP requests. NOTE: this may overlap CVE-2008-3160.
CVSS Score
10.0
EPSS Score
0.031
Published
2008-07-28