Note:
This project will be discontinued after December 13, 2021. [more]
Product:
E\-Series_santricity_os_controller
(Netapp)| Repositories |
• https://github.com/Perl/perl5
• https://github.com/mm2/Little-CMS • https://github.com/madler/zlib |
| #Vulnerabilities | 244 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2020-04-15 | CVE-2020-2830 | Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Concurrency). Supported versions that are affected are Java SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java... | Ubuntu_linux, Debian_linux, Fedora, Threat_intelligence_exchange_server, 7\-Mode_transition_tool, Active_iq_unified_manager, Cloud_backup, E\-Series_performance_analyzer, E\-Series_santricity_os_controller, E\-Series_santricity_web_services, Oncommand_insight, Oncommand_workflow_automation, Plug\-In_for_symantec_netbackup, Santricity_unified_manager, Snapmanager, Steelstore_cloud_integrated_storage, Storagegrid, Leap, Jdk, Jre, Openjdk | 5.3 | ||
| 2020-04-15 | CVE-2020-2816 | Vulnerability in the Java SE product of Oracle Java SE (component: JSSE). Supported versions that are affected are Java SE: 11.0.6 and 14. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Java SE. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Java SE accessible data. Note: This vulnerability can only be exploited by supplying data to APIs in the... | Ubuntu_linux, Debian_linux, 7\-Mode_transition_tool, Active_iq_unified_manager, Cloud_backup, E\-Series_performance_analyzer, E\-Series_santricity_os_controller, E\-Series_santricity_web_services, Oncommand_insight, Oncommand_workflow_automation, Plug\-In_for_symantec_netbackup, Santricity_unified_manager, Snapmanager, Steelstore_cloud_integrated_storage, Storagegrid, Leap, Jdk, Jre, Openjdk | 7.5 | ||
| 2020-07-15 | CVE-2020-14562 | Vulnerability in the Java SE product of Oracle Java SE (component: ImageIO). Supported versions that are affected are Java SE: 11.0.7 and 14.0.1. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE. Note: This vulnerability applies to Java deployments, typically in clients... | Ubuntu_linux, Debian_linux, Fedora, E\-Series_santricity_os_controller, E\-Series_santricity_storage_manager, E\-Series_santricity_unified_manager, E\-Series_santricity_web_services_proxy, Leap, Jdk | N/A | ||
| 2020-07-15 | CVE-2020-14573 | Vulnerability in the Java SE product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Java SE: 11.0.7 and 14.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE accessible data. Note: Applies to client and server deployment of Java. This vulnerability can be... | Ubuntu_linux, Debian_linux, Fedora, E\-Series_santricity_os_controller, E\-Series_santricity_storage_manager, E\-Series_santricity_unified_manager, E\-Series_santricity_web_services_proxy, Leap, Jdk | N/A | ||
| 2020-07-15 | CVE-2020-14664 | Vulnerability in the Java SE product of Oracle Java SE (component: JavaFX). The supported version that is affected is Java SE: 8u251. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, attacks may significantly impact additional products. Successful attacks of this vulnerability can... | 7\-Mode_transition_tool, Active_iq_unified_manager, Cloud_backup, Cloud_secure_agent, E\-Series_performance_analyzer, E\-Series_santricity_os_controller, E\-Series_santricity_web_services, Oncommand_insight, Oncommand_workflow_automation, Santricity_unified_manager, Snapmanager, Steelstore_cloud_integrated_storage, Storagegrid, Jdk, Jre | N/A | ||
| 2020-07-30 | CVE-2020-16166 | The Linux kernel through 5.7.11 allows remote attackers to make observations that help to obtain sensitive information about the internal state of the network RNG, aka CID-f227e3ec3b5c. This is related to drivers/char/random.c and kernel/time/timer.c. | Ubuntu_linux, Debian_linux, Fedora, Linux_kernel, Active_iq_unified_manager, Cloud_volumes_ontap_mediator, E\-Series_santricity_os_controller, H410c_firmware, Hci_bootstrap_os, Hci_management_node, Solidfire, Steelstore_cloud_integrated_storage, Storagegrid, Leap, Sd\-Wan_edge | 3.7 | ||
| 2020-11-06 | CVE-2020-8580 | SANtricity OS Controller Software versions 11.30 and higher are susceptible to a vulnerability which allows an unauthenticated attacker with access to the system to cause a Denial of Service (DoS). | E\-Series_santricity_os_controller | 7.5 | ||
| 2020-11-06 | CVE-2020-8577 | SANtricity OS Controller Software versions 11.50.1 and higher are susceptible to a vulnerability which could allow an attacker to discover sensitive information by intercepting its transmission within an https session. | E\-Series_santricity_os_controller | 5.9 | ||
| 2020-12-08 | CVE-2020-1971 | The X.509 GeneralName type is a generic type for representing different types of names. One of those name types is known as EDIPartyName. OpenSSL provides a function GENERAL_NAME_cmp which compares different instances of a GENERAL_NAME to see if they are equal or not. This function behaves incorrectly when both GENERAL_NAMEs contain an EDIPARTYNAME. A NULL pointer dereference and a crash may occur leading to a possible denial of service attack. OpenSSL itself uses the GENERAL_NAME_cmp... | Debian_linux, Fedora, Active_iq_unified_manager, Aff_a250_firmware, Clustered_data_ontap_antivirus_connector, Data_ontap, E\-Series_santricity_os_controller, Ef600a_firmware, Hci_compute_node, Hci_management_node, Hci_storage_node, Manageability_software_development_kit, Oncommand_insight, Oncommand_workflow_automation, Plug\-In_for_symantec_netbackup, Santricity_smi\-S_provider, Snapcenter, Solidfire, Node\.js, Openssl, Api_gateway, Business_intelligence, Communications_cloud_native_core_network_function_cloud_native_environment, Communications_diameter_intelligence_hub, Communications_session_border_controller, Communications_session_router, Communications_subscriber\-Aware_load_balancer, Communications_unified_session_manager, Enterprise_communications_broker, Enterprise_manager_base_platform, Enterprise_manager_for_storage_management, Enterprise_manager_ops_center, Enterprise_session_border_controller, Essbase, Graalvm, Http_server, Jd_edwards_enterpriseone_tools, Jd_edwards_world_security, Mysql, Mysql_server, Peoplesoft_enterprise_peopletools, Sinec_infrastructure_network_services, Log_correlation_engine, Nessus_network_monitor | 5.9 | ||
| 2021-02-02 | CVE-2021-21284 | In Docker before versions 9.03.15, 20.10.3 there is a vulnerability involving the --userns-remap option in which access to remapped root allows privilege escalation to real root. When using "--userns-remap", if the root user in the remapped namespace has access to the host filesystem they can modify files under "/var/lib/docker/<remapping>" that cause writing files with extended privileges. Versions 20.10.3 and 19.03.15 contain patches that prevent privilege escalation from remapped user. | Debian_linux, Docker, E\-Series_santricity_os_controller | 6.8 |