CVE-2019-8936
https://notcve.org/view.php?id=CVE-2019-8936
NTP through 4.2.8p12 has a NULL Pointer Dereference. NTP hasta 4.2.8p12 tiene una desreferencia del puntero NULL. • https://github.com/snappyJack/CVE-2019-8936 http://bugs.ntp.org/show_bug.cgi?id=3565 http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00032.html http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00036.html http://packetstormsecurity.com/files/152915/FreeBSD-Security-Advisory-FreeBSD-SA-19-04.ntp.html http://support.ntp.org/bin/view/Main/SecurityNotice https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2NVS2CSG2TQ663CXOZZUJN4STQPMENNP http • CWE-476: NULL Pointer Dereference •
CVE-2018-5497
https://notcve.org/view.php?id=CVE-2018-5497
Clustered Data ONTAP versions prior to 9.1P16, 9.3P10 and 9.4P5 are susceptible to a vulnerability which discloses sensitive information to an unauthorized user. Clustered Data ONTAP, en sus versiones anteriores a las 9.1P16, 9.3P10 y 9.4P5, es susceptible a una vulnerabilidad que divulga información sensible a un usuario no autenticado. • https://security.netapp.com/advisory/ntap-20190109-0001 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2018-5490
https://notcve.org/view.php?id=CVE-2018-5490
Read-Only export policy rules are not correctly enforced in Clustered Data ONTAP 8.3 Release Candidate versions and therefore may allow more than "read-only" access from authenticated SMBv2 and SMBv3 clients. This behavior has been resolved in the GA release. Customers running prior release candidates (RCs) are requested to update their systems to the NetApp Data ONTAP 8.3 GA release. Las reglas de política de exportación de solo lectura no se aplican correctamente en Clustered Data ONTAP en versiones 8.3 Release Candidate y, por lo tanto, podrían permitir más que el acceso "solo lectura" desde clientes SMBv2 y SMBv3 autenticados. Este comportamiento ha sido resuelto en la versión GA. • https://security.netapp.com/advisory/ntap-20150324-0001 • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVE-2017-5201
https://notcve.org/view.php?id=CVE-2017-5201
NetApp Clustered Data ONTAP before 8.3.2P8 and 9.0 before P2 allow remote authenticated users to obtain sensitive cluster and tenant information via unspecified vectors, a different vulnerability than CVE-2016-3064. NetApp Clustered Data ONTAP en versiones anteriores a la 8.3.2P8 y 9.0 anteriores a P2 permite que usuarios autenticados remotos obtengan información sensible del clúster y del tenant mediante vectores no especificados. Esta vulnerabilidad es diferente de CVE-2016-3064. • http://www.securityfocus.com/bid/101776 https://security.netapp.com/advisory/ntap-20170809-0001 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2017-12423
https://notcve.org/view.php?id=CVE-2017-12423
NetApp Clustered Data ONTAP 8.3.x before 8.3.2P12 allows remote authenticated users to read data on other Storage Virtual Machines (SVMs) via unspecified vectors. NetApp Clustered Data ONTAP 8.3.x en versiones anteriores a la 8.3.2P12 permite que atacantes remotos autenticados lean datos en otras máquinas virtuales de almacenamiento (SVM) mediante vectores sin especificar. • https://kb.netapp.com/support/s/article/NTAP-20170831-0002 •