CVE-2015-7746
https://notcve.org/view.php?id=CVE-2015-7746
NetApp Data ONTAP before 8.2.4, when operating in 7-Mode, allows remote attackers to bypass authentication and (1) obtain sensitive information from or (2) modify volumes via vectors related to UTF-8 in the volume language. NetApp Data ONTAP en versiones anteriores a la 8.2.4, al operar en 7-Mode, permite que atacantes remotos omitan la autenticación y (1) obtengan información sensible de o (2) modificar volúmenes mediante vectores relacionados con UTF-8 en el lenguaje del volumen. • https://kb.netapp.com/support/index?page=content&id=9010049 • CWE-287: Improper Authentication •
CVE-2017-12859
https://notcve.org/view.php?id=CVE-2017-12859
NetApp Data ONTAP before 8.2.5, when operating in 7-Mode in NFS environments, allows remote attackers to cause a denial of service via unspecified vectors. NetApp Data ONTAP en su versión 8.2.5, cuando opera en 7-Mode en entornos NFS, permite a los atacantes remotos provocar una denegación de servicio mediante vectores no especificados. • http://www.securityfocus.com/bid/100417 https://kb.netapp.com/support/s/article/NTAP-20170815-0002 • CWE-20: Improper Input Validation •
CVE-2016-3400
https://notcve.org/view.php?id=CVE-2016-3400
NetApp Data ONTAP 8.1 and 8.2, when operating in 7-Mode, allows man-in-the-middle attackers to obtain sensitive information, gain privileges, or cause a denial of service via vectors related to the SMB protocol. Data ONTAP versiones 8.1 y 8.2 de NetApp, cuando operan en modo 7, permiten a atacantes de tipo man-in-the-middle obtener información confidencial, alcanzar privilegios o causar una denegación de servicio por medio de vectores relacionados con el protocolo SMB. • http://www-01.ibm.com/support/docview.wss?uid=ssg1S1006063 http://www.securityfocus.com/bid/99101 https://exchange.xforce.ibmcloud.com/vulnerabilities/113589 https://kb.netapp.com/support/s/article/ka51A0000008SXzQAM/smb-vulnerabilities-in-multiple-netapp-products • CWE-254: 7PK - Security Features •
CVE-2016-6495
https://notcve.org/view.php?id=CVE-2016-6495
NetApp Data ONTAP before 8.2.4P5, when operating in 7-Mode, allows remote attackers to obtain information about the volumes configured for HTTP access. NetApp Data ONTAP en versiones anteriores a 8.2.4P5, cuando opera en 7-Mode, permite a atacantes remotos obtener información sobre los volúmenes configurados para el acceso HTTP. • https://kb.netapp.com/support/s/article/NTAP-20160929-0001 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2015-7886
https://notcve.org/view.php?id=CVE-2015-7886
NetApp Data ONTAP before 8.2.4P1, when 7-Mode and HTTP access are enabled, allows remote attackers to obtain sensitive volume information via unspecified vectors. NetApp Data ONTAP en versiones anterioers a 8.2.4P1, cuando 7-Mode y el acceso HTTP están habilitados, permite a atacantes remotos obtener información sensible del volumen a través de vectores no especificados. • http://kb.netapp.com/support/index?page=content&id=9010055 https://security.netapp.com/advisory/ntap-20160114-0002 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •