Netapp : Security Vulnerabilities, CVEs, Published In 2017 (Gain Privilege)
In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, use of the ap_get_basic_auth_pw() by third-party modules outside of the authentication phase may lead to authentication requirements being bypassed.
Max CVSS
9.8
EPSS Score
1.40%
Published
2017-06-20
Updated
2021-06-06
NetApp OnCommand Workflow Automation before 3.1P2 allows remote attackers to bypass authentication via unspecified vectors.
Max CVSS
9.3
EPSS Score
0.38%
Published
2017-02-07
Updated
2017-11-16
NetApp SnapCenter Server 1.0 and 1.0P1 allows remote attackers to partially bypass authentication and then list and delete backups via unspecified vectors.
Max CVSS
7.5
EPSS Score
0.20%
Published
2017-02-07
Updated
2017-02-24
NetApp SnapCenter Server 1.0 allows remote authenticated users to list and delete backups.
Max CVSS
8.1
EPSS Score
0.12%
Published
2017-08-07
Updated
2017-08-10
CVE-2015-7871
Public exploit
Crypto-NAK packets in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to bypass authentication.
Max CVSS
9.8
EPSS Score
97.02%
Published
2017-08-07
Updated
2021-04-13
NetApp Data ONTAP before 8.2.4, when operating in 7-Mode, allows remote attackers to bypass authentication and (1) obtain sensitive information from or (2) modify volumes via vectors related to UTF-8 in the volume language.
Max CVSS
9.8
EPSS Score
0.47%
Published
2017-09-01
Updated
2017-09-06
6 vulnerabilities found