Product:

Steelstore_cloud_integrated_storage

(Netapp)
Date Id Summary Products Score Patch Annotated
2018-07-18 CVE-2018-2973 Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: JSSE). Supported versions that are affected are Java SE: 6u191, 7u181, 8u172 and 10.0.1; Java SE Embedded: 8u171. Difficult to exploit vulnerability allows unauthenticated attacker with network access via SSL/TLS to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Java SE, Java SE... Xp7_command_view, Active_iq_unified_manager, Cloud_backup, E\-Series_santricity_os_controller, E\-Series_santricity_storage_manager, Oncommand_insight, Oncommand_unified_manager, Oncommand_workflow_automation, Plug\-In_for_symantec_netbackup, Snapmanager, Steelstore_cloud_integrated_storage, Storage_replication_adapter_for_clustered_data_ontap, Vasa_provider_for_clustered_data_ontap, Virtual_storage_console, Jdk, Jre, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_workstation, Satellite 5.9
2018-07-18 CVE-2018-2964 Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Deployment). Supported versions that are affected are Java SE: 8u172 and 10.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, attacks may significantly impact additional products. Successful attacks of this... Active_iq_unified_manager, Cloud_backup, E\-Series_santricity_os_controller, E\-Series_santricity_storage_manager, Oncommand_insight, Oncommand_unified_manager, Oncommand_workflow_automation, Plug\-In_for_symantec_netbackup, Snapmanager, Steelstore_cloud_integrated_storage, Storage_replication_adapter_for_clustered_data_ontap, Vasa_provider_for_clustered_data_ontap, Virtual_storage_console, Jdk, Jre 8.3
2019-12-23 CVE-2019-5108 An exploitable denial-of-service vulnerability exists in the Linux kernel prior to mainline 5.3. An attacker could exploit this vulnerability by triggering AP to send IAPP location updates for stations before the required authentication process has completed. This could lead to different denial-of-service scenarios, either by causing CAM table attacks, or by leading to traffic flapping if faking already existing clients in other nearby APs of the same wireless infrastructure. An attacker can... Ubuntu_linux, Debian_linux, Linux_kernel, 8300_firmware, 8700_firmware, A400_firmware, A700s_firmware, Active_iq_unified_manager, Cloud_backup, Data_availability_services, E\-Series_santricity_os_controller, H610s_firmware, Hci_management_node, Solidfire, Steelstore_cloud_integrated_storage, Sd\-Wan_edge 6.5
2020-08-21 CVE-2020-8620 In BIND 9.15.6 -> 9.16.5, 9.17.0 -> 9.17.3, An attacker who can establish a TCP connection with the server and send data on that connection can exploit this to trigger the assertion failure, causing the server to exit. Ubuntu_linux, Bind, Steelstore_cloud_integrated_storage, Leap 7.5
2020-10-21 CVE-2020-14782 Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries). Supported versions that are affected are Java SE: 7u271, 8u261, 11.0.8 and 15; Java SE Embedded: 8u261. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE, Java SE Embedded... Debian_linux, Epolicy_orchestrator, Active_iq_unified_manager, E\-Series_performance_analyzer, E\-Series_santricity_management_plug\-Ins, E\-Series_santricity_os_controller, E\-Series_santricity_storage_manager, E\-Series_santricity_web_services_proxy, Oncommand_insight, Oncommand_workflow_automation, Santricity_unified_manager, Steelstore_cloud_integrated_storage, Leap, Jdk, Jre 3.7
2020-05-09 CVE-2020-12769 An issue was discovered in the Linux kernel before 5.4.17. drivers/spi/spi-dw.c allows attackers to cause a panic via concurrent calls to dw_spi_irq and dw_spi_transfer_one, aka CID-19b61392c5a8. Ubuntu_linux, Debian_linux, Linux_kernel, A700s_firmware, Active_iq_unified_manager, Cloud_backup, Element_software, H300e_firmware, H300s_firmware, H410c_firmware, H410s_firmware, H500e_firmware, H500s_firmware, H610c_firmware, H610s_firmware, H615c_firmware, H700e_firmware, H700s_firmware, Hci_compute_node_firmware, Hci_management_node, Solidfire, Steelstore_cloud_integrated_storage, Leap 5.5
2020-04-28 CVE-2020-12243 In filter.c in slapd in OpenLDAP before 2.4.50, LDAP search filters with nested boolean expressions can result in denial of service (daemon crash). Mac_os_x, Brocade_fabric_operating_system, Ubuntu_linux, Debian_linux, Cloud_backup, H300e_firmware, H300s_firmware, H410c_firmware, H410s_firmware, H500e_firmware, H500s_firmware, H700e_firmware, H700s_firmware, Steelstore_cloud_integrated_storage, Openldap, Leap, Solaris, Zfs_storage_appliance_kit 7.5
2020-06-29 CVE-2020-14145 The client side in OpenSSH 5.7 through 8.4 has an Observable Discrepancy leading to an information leak in the algorithm negotiation. This allows man-in-the-middle attackers to target initial connection attempts (where no host key for the server has been cached by the client). NOTE: some reports state that 8.5 and 8.6 are also affected. Active_iq_unified_manager, Aff_a700s_firmware, Hci_compute_node, Hci_management_node, Hci_storage_node, Ontap_select_deploy_administration_utility, Solidfire, Steelstore_cloud_integrated_storage, Openssh 5.9
2020-08-21 CVE-2020-8621 In BIND 9.14.0 -> 9.16.5, 9.17.0 -> 9.17.3, If a server is configured with both QNAME minimization and 'forward first' then an attacker who can send queries to it may be able to trigger the condition that will cause the server to crash. Servers that 'forward only' are not affected. Ubuntu_linux, Bind, Steelstore_cloud_integrated_storage, Leap, Dns_server 7.5
2020-02-14 CVE-2020-8992 ext4_protect_reserved_inode in fs/ext4/block_validity.c in the Linux kernel through 5.5.3 allows attackers to cause a denial of service (soft lockup) via a crafted journal size. Ubuntu_linux, Linux_kernel, Active_iq_unified_manager, Cloud_backup, Data_availability_services, H410c_firmware, Hci_management_node, Solidfire, Steelstore_cloud_integrated_storage, Leap 5.5