CVE-2024-21985 – Privilege Escalation Vulnerability in ONTAP 9
https://notcve.org/view.php?id=CVE-2024-21985
ONTAP 9 versions prior to 9.9.1P18, 9.10.1P16, 9.11.1P13, 9.12.1P10 and 9.13.1P4 are susceptible to a vulnerability which could allow an authenticated user with multiple remote accounts with differing roles to perform actions via REST API beyond their intended privilege. Possible actions include viewing limited configuration details and metrics or modifying limited settings, some of which could result in a Denial of Service (DoS). Las versiones de ONTAP 9 anteriores a 9.9.1P18, 9.10.1P16, 9.11.1P13, 9.12.1P10 y 9.13.1P4 son susceptibles a una vulnerabilidad que podría permitir a un usuario autenticado con múltiples cuentas remotas con diferentes roles realizar acciones a través de la API REST más allá de su privilegio pretendido. Las posibles acciones incluyen ver métricas y detalles de configuración limitados o modificar configuraciones limitadas, algunas de las cuales podrían resultar en una denegación de servicio (DoS). • https://security.netapp.com/advisory/ntap-20240126-0001 • CWE-269: Improper Privilege Management •
CVE-2024-21982 – CVE-2024-21982 Information Disclosure Vulnerability in ONTAP 9
https://notcve.org/view.php?id=CVE-2024-21982
ONTAP versions 9.4 and higher are susceptible to a vulnerability which when successfully exploited could lead to disclosure of sensitive information to unprivileged attackers when the object-store profiler command is being run by an administrative user. Las versiones de ONTAP 9.4 y superiores son susceptibles a una vulnerabilidad que, cuando se explota con éxito, podría provocar la divulgación de información confidencial a atacantes sin privilegios cuando un usuario administrativo ejecuta el comando del generador de perfiles del almacén de objetos. • https://security.netapp.com/advisory/ntap-20240111-0001 •
CVE-2023-27314 – Denial of Service Vulnerability in ONTAP 9
https://notcve.org/view.php?id=CVE-2023-27314
ONTAP 9 versions prior to 9.8P19, 9.9.1P16, 9.10.1P12, 9.11.1P8, 9.12.1P2 and 9.13.1 are susceptible to a vulnerability which could allow a remote unauthenticated attacker to cause a crash of the HTTP service. Las versiones de ONTAP 9 anteriores a 9.8P19, 9.9.1P16, 9.10.1P12, 9.11.1P8, 9.12.1P2 y 9.13.1 son susceptibles a una vulnerabilidad que podría permitir que un atacante remoto no autenticado provoque una falla del servicio HTTP. • https://security.netapp.com/advisory/ntap-20231009-0001 • CWE-400: Uncontrolled Resource Consumption •
CVE-2023-36054 – krb5: Denial of service through freeing uninitialized pointer
https://notcve.org/view.php?id=CVE-2023-36054
lib/kadm5/kadm_rpc_xdr.c in MIT Kerberos 5 (aka krb5) before 1.20.2 and 1.21.x before 1.21.1 frees an uninitialized pointer. A remote authenticated user can trigger a kadmind crash. This occurs because _xdr_kadm5_principal_ent_rec does not validate the relationship between n_key_data and the key_data array count. A vulnerability was found in the _xdr_kadm5_principal_ent_rec() function in lib/kadm5/kadm_rpc_xdr.c in MIT Kerberos 5 (krb5). This issue occurs due to lack of validation in the relationship between n_key_data and the key_data array count, leading to the freeing of uninitialized pointers. • https://github.com/krb5/krb5/commit/ef08b09c9459551aabbe7924fb176f1583053cdd https://github.com/krb5/krb5/compare/krb5-1.20.1-final...krb5-1.20.2-final https://github.com/krb5/krb5/compare/krb5-1.21-final...krb5-1.21.1-final https://lists.debian.org/debian-lts-announce/2023/10/msg00031.html https://security.netapp.com/advisory/ntap-20230908-0004 https://web.mit.edu/kerberos/www/advisories https://access.redhat.com/security/cve/CVE-2023-36054 https://bugzilla.redhat.com • CWE-824: Access of Uninitialized Pointer •
CVE-2023-3107 – Remote denial of service in IPv6 fragment reassembly
https://notcve.org/view.php?id=CVE-2023-3107
A set of carefully crafted ipv6 packets can trigger an integer overflow in the calculation of a fragment reassembled packet's payload length field. This allows an attacker to trigger a kernel panic, resulting in a denial of service. Un conjunto de paquetes ipv6 cuidadosamente diseñados puede desencadenar un desbordamiento de enteros en el cálculo del campo de longitud de la carga útil de un paquete reensamblado por fragmentos. Esto permite a un atacante desencadenar un kernel panic, resultando en una denegación de servicio. • https://security.FreeBSD.org/advisories/FreeBSD-SA-23:06.ipv6.asc https://security.netapp.com/advisory/ntap-20230804-0001 • CWE-190: Integer Overflow or Wraparound •