threat
engine
.sh
Back
·
··:··
Home
/
Product
/
netapp cloud manager
Product
netapp cloud manager
26 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
Sort
Newest first
Oldest first
Highest CVSS
Lowest CVSS
Min CVSS
Any
4.0+
7.0+ (High)
9.0+ (Critical)
Published since
Reset
CVE-2024-34012
< 6.2.24135.272
Local privilege escalation due to insecure folder permissions. The following products are affected: Acronis Cloud Manager (Windows
4.4
MEDIUM
CVE-2023-41748
< 6.2.23089.203
Remote command execution due to improper input validation. The following products are affected: Acronis Cloud Manager (Windows) be
9.8
CRITICAL
CVE-2023-41747
< 6.2.23089.203
Sensitive information disclosure due to unauthenticated path traversal. The following products are affected: Acronis Cloud Manager
6.5
MEDIUM
CVE-2023-41746
< 6.2.23089.203
Remote command execution due to improper input validation. The following products are affected: Acronis Cloud Manager (Windows) be
9.8
CRITICAL
CVE-2023-0421
<= 1.0
The Cloud Manager WordPress plugin through 1.0 does not sanitise and escape the query param ricerca before outputting it in an adm
6.1
MEDIUM
CVE-2021-45105
all versions
Apache Log4j2 versions 2.0-alpha1 through 2.16.0 (excluding 2.12.3 and 2.3.1) did not protect from uncontrolled recursion from sel
5.9
MEDIUM
CVE-2021-42550
all versions
In logback version 1.2.7 and prior versions, an attacker with the required privileges to edit configurations files could craft a m
6.6
MEDIUM
CVE-2021-44228
all versions
Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration
10.0
CRITICAL
CVE-2021-27002
< 3.9.10
NetApp Cloud Manager versions prior to 3.9.10 are susceptible to a vulnerability which could allow a remote unauthenticated attack
7.5
HIGH
CVE-2021-26999
< 3.9.9
NetApp Cloud Manager versions prior to 3.9.9 log sensitive information when an Active Directory connection fails. The logged infor
4.3
MEDIUM
CVE-2021-26998
< 3.9.9
NetApp Cloud Manager versions prior to 3.9.9 log sensitive information that is available only to authenticated users. Customers wi
4.3
MEDIUM
CVE-2021-31807
all versions
An issue was discovered in Squid before 4.15 and 5.x before 5.0.6. An integer overflow problem allows a remote server to achieve D
6.5
MEDIUM
CVE-2021-31808
all versions
An issue was discovered in Squid before 4.15 and 5.x before 5.0.6. Due to an input-validation bug, it is vulnerable to a Denial of
6.5
MEDIUM
CVE-2021-31806
all versions
An issue was discovered in Squid before 4.15 and 5.x before 5.0.6. Due to a memory-management bug, it is vulnerable to a Denial of
6.5
MEDIUM
CVE-2021-28651
all versions
An issue was discovered in Squid before 4.15 and 5.x before 5.0.6. Due to a buffer-management bug, it allows a denial of service.
7.5
HIGH
CVE-2021-28165
< 3.9.8
In Eclipse Jetty 7.2.2 to 9.4.38, 10.0.0.alpha0 to 10.0.1, and 11.0.0.alpha0 to 11.0.1, CPU usage can reach 100% upon receiving a
7.5
HIGH
CVE-2021-28164
all versions
In Eclipse Jetty 9.4.37.v20210219 to 9.4.38.v20210224, the default compliance mode allows requests with URIs that contain %2e or %
5.3
MEDIUM
CVE-2021-28163
all versions
In Eclipse Jetty 9.4.32 to 9.4.38, 10.0.0.beta2 to 10.0.1, and 11.0.0.beta2 to 11.0.1, if a user uses a webapps directory that is
2.7
LOW
CVE-2021-26992
< 3.9.4
Cloud Manager versions prior to 3.9.4 are susceptible to a vulnerability which could allow a remote attacker to cause a Denial of
7.5
HIGH
CVE-2021-26991
< 3.9.4
Cloud Manager versions prior to 3.9.4 contain an insecure Cross-Origin Resource Sharing (CORS) policy which could allow a remote a
7.5
HIGH
CVE-2021-26990
< 3.9.4
Cloud Manager versions prior to 3.9.4 are susceptible to a vulnerability that could allow a remote attacker to overwrite arbitrary
9.1
CRITICAL
CVE-2020-25097
all versions
An issue was discovered in Squid through 4.13 and 5.x through 5.0.4. Due to improper input validation, it allows a trusted client
8.6
HIGH
CVE-2021-23337
all versions
Lodash versions prior to 4.17.21 are vulnerable to Command Injection via the template function.
7.2
HIGH
CVE-2020-14058
all versions
An issue was discovered in Squid before 4.12 and 5.x before 5.0.3. Due to use of a potentially dangerous function, Squid and the d
7.5
HIGH
CVE-2014-5641
all versions
The Cloud Manager (aka com.ileaf.cloud_manager) application 1.6 for Android does not verify X.509 certificates from SSL servers, w
CVE-2011-2654
<= 1.1.2
The RPC implementation in the server in Novell Cloud Manager 1.1.2 before Patch 3 does not properly initialize objects, which allo
Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities
Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs
Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures
Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1
About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service
threatengine.sh · Open-source threat intelligence platform · 100+ authoritative sources · Every fact traces to its origin