This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor: Netapp
Product: Hci Management Node
Version: -
Type: Application
First view: 2017-01-12
Last view: 2021-01-26
Update: *
Edition: *
Language: *
Software Edition: *
Target Software: *
Target Hardware: *
Other: *
 
CPE Product cpe:2.3:a:netapp:hci_management_node

Related : CVE

This CPE has more than 25 relations. If you want to see a complete summary for this CPE, please contact us.
Score Date Alert Description
7.8 2021-01-26 CVE-2021-3156

Sudo before 1.9.5p2 has a Heap-based Buffer Overflow, allowing privilege escalation to root via "sudoedit -s" and a command-line argument that ends with a single backslash character.

7.8 2021-01-12 CVE-2021-23240

selinux_edit_copy_tfiles in sudoedit in Sudo before 1.9.5 allows a local unprivileged user to gain file ownership and escalate privileges by replacing a temporary file with a symlink to an arbitrary file target. This affects SELinux RBAC support in permissive mode. Machines without SELinux are not vulnerable.

2.5 2021-01-12 CVE-2021-23239

The sudoedit personality of Sudo before 1.9.5 may allow a local unprivileged user to perform arbitrary directory-existence tests by winning a sudo_edit.c race condition in replacing a user-controlled directory by a symlink to an arbitrary path.

9.8 2021-01-08 CVE-2020-8584

Element OS versions prior to 1.8P1 and 12.2 are susceptible to a vulnerability that could allow an unauthenticated remote attacker to perform arbitrary code execution.

5.5 2021-01-04 CVE-2020-35496

There's a flaw in bfd_pef_scan_start_address() of bfd/pef.c in binutils which could allow an attacker who is able to submit a crafted file to be processed by objdump to cause a NULL pointer dereference. The greatest threat of this flaw is to application availability. This flaw affects binutils versions prior to 2.34.

5.5 2021-01-04 CVE-2020-35495

There's a flaw in binutils /bfd/pef.c. An attacker who is able to submit a crafted input file to be processed by the objdump program could cause a null pointer dereference. The greatest threat from this flaw is to application availability. This flaw affects binutils versions prior to 2.34.

6.1 2021-01-04 CVE-2020-35494

There's a flaw in binutils /opcodes/tic4x-dis.c. An attacker who is able to submit a crafted input file to be processed by binutils could cause usage of uninitialized memory. The highest threat is to application availability with a lower threat to data confidentiality. This flaw affects binutils versions prior to 2.34.

5.5 2021-01-04 CVE-2020-35493

A flaw exists in binutils in bfd/pef.c. An attacker who is able to submit a crafted PEF file to be parsed by objdump could cause a heap buffer overflow -> out-of-bounds read that could lead to an impact to application availability. This flaw affects binutils versions prior to 2.34.

5.9 2020-12-08 CVE-2020-1971

The X.509 GeneralName type is a generic type for representing different types of names. One of those name types is known as EDIPartyName. OpenSSL provides a function GENERAL_NAME_cmp which compares different instances of a GENERAL_NAME to see if they are equal or not. This function behaves incorrectly when both GENERAL_NAMEs contain an EDIPARTYNAME. A NULL pointer dereference and a crash may occur leading to a possible denial of service attack. OpenSSL itself uses the GENERAL_NAME_cmp function for two purposes: 1) Comparing CRL distribution point names between an available CRL and a CRL distribution point embedded in an X509 certificate 2) When verifying that a timestamp response token signer matches the timestamp authority name (exposed via the API functions TS_RESP_verify_response and TS_RESP_verify_token) If an attacker can control both items being compared then that attacker could trigger a crash. For example if the attacker can trick a client or server into checking a malicious certificate against a malicious CRL then this may occur. Note that some applications automatically download CRLs based on a URL embedded in a certificate. This checking happens prior to the signatures on the certificate and CRL being verified. OpenSSL's s_server, s_client and verify tools have support for the "-crl_download" option which implements automatic CRL downloading and this attack has been demonstrated to work against those tools. Note that an unrelated bug means that affected versions of OpenSSL cannot parse or construct correct encodings of EDIPARTYNAME. However it is possible to construct a malformed EDIPARTYNAME that OpenSSL's parser will accept and hence trigger this attack. All OpenSSL 1.1.1 and 1.0.2 versions are affected by this issue. Other OpenSSL releases are out of support and have not been checked. Fixed in OpenSSL 1.1.1i (Affected 1.1.1-1.1.1h). Fixed in OpenSSL 1.0.2x (Affected 1.0.2-1.0.2w).

3.7 2020-07-30 CVE-2020-16166

The Linux kernel through 5.7.11 allows remote attackers to make observations that help to obtain sensitive information about the internal state of the network RNG, aka CID-f227e3ec3b5c. This is related to drivers/char/random.c and kernel/time/timer.c.

5.9 2020-06-29 CVE-2020-14145

The client side in OpenSSH 5.7 through 8.4 has an Observable Discrepancy leading to an information leak in the algorithm negotiation. This allows man-in-the-middle attackers to target initial connection attempts (where no host key for the server has been cached by the client).

4.4 2020-06-12 CVE-2020-10732

A flaw was found in the Linux kernel's implementation of Userspace core dumps. This flaw allows an attacker with a local account to crash a trivial program and exfiltrate private kernel data.

7 2020-04-30 CVE-2020-1752

A use-after-free vulnerability introduced in glibc upstream version 2.14 was found in the way the tilde expansion was carried out. Directory paths containing an initial tilde followed by a valid username were affected by this issue. A local attacker could exploit this flaw by creating a specially crafted path that, when processed by the glob function, would potentially lead to arbitrary code execution. This was fixed in version 2.32.

7.5 2020-04-17 CVE-2020-11868

ntpd in ntp before 4.2.8p14 and 4.3.x before 4.3.100 allows an off-path attacker to block unauthenticated synchronization via a server mode packet with a spoofed source IP address, because transmissions are rescheduled even when a packet lacks a valid origin timestamp.

5.5 2019-11-30 CVE-2019-19462

relay_open in kernel/relay.c in the Linux kernel through 5.4.1 allows local users to cause a denial of service (such as relay blockage) by triggering a NULL alloc_percpu result.

6.7 2019-09-24 CVE-2019-5094

An exploitable code execution vulnerability exists in the quota file functionality of E2fsprogs 1.45.3. A specially crafted ext4 partition can cause an out-of-bounds write on the heap, resulting in code execution. An attacker can corrupt a partition to trigger this vulnerability.

8.8 2019-06-03 CVE-2019-3846

A flaw that allowed an attacker to corrupt memory and possibly escalate privileges was found in the mwifiex kernel module while connecting to a malicious wireless network.

7.8 2019-05-28 CVE-2019-5436

A heap buffer overflow in the TFTP receiving code allows for DoS or arbitrary code execution in libcurl versions 7.19.4 through 7.64.1.

7.8 2019-04-26 CVE-2019-3844

It was discovered that a systemd service that uses DynamicUser property can get new privileges through the execution of SUID binaries, which would allow to create binaries owned by the service transient group with the setgid bit set. A local attacker may use this flaw to access resources that will be owned by a potentially different service in the future, when the GID will be recycled.

7.8 2019-04-26 CVE-2019-3843

It was discovered that a systemd service that uses DynamicUser property can create a SUID/SGID binary that would be allowed to run as the transient service UID/GID even after the service is terminated. A local attacker may use this flaw to access resources that will be owned by a potentially different service in the future, when the UID/GID will be recycled.

7.7 2019-04-25 CVE-2019-3900

An infinite loop issue was found in the vhost_net kernel module in Linux Kernel up to and including v5.1-rc6, while handling incoming packets in handle_rx(). It could occur if one end sends packets faster than the other end can process them. A guest user, maybe remote one, could use this flaw to stall the vhost_net kernel thread, resulting in a DoS scenario.

5.5 2019-04-24 CVE-2019-3882

A flaw was found in the Linux kernel's vfio interface implementation that permits violation of the user's locked memory limit. If a device is bound to a vfio driver, such as vfio-pci, and the local attacker is administratively granted ownership of the device, it may cause a system memory exhaustion and thus a denial of service (DoS). Versions 3.10, 4.14 and 4.18 are vulnerable.

4.7 2019-04-22 CVE-2019-3901

A race condition in perf_event_open() allows local attackers to leak sensitive data from setuid programs. As no relevant locks (in particular the cred_guard_mutex) are held during the ptrace_may_access() call, it is possible for the specified target task to perform an execve() syscall with setuid execution before perf_event_alloc() actually attaches to it, allowing an attacker to bypass the ptrace_may_access() check and the perf_event_exit_task(current) call that is performed in install_exec_creds() during privileged execve() calls. This issue affects kernel versions before 4.8.

6.5 2019-03-25 CVE-2019-3874

The SCTP socket buffer used by a userspace application is not accounted by the cgroups subsystem. An attacker can use this flaw to cause a denial of service attack. Kernel 3.10.x and 4.18.x branches are believed to be vulnerable.

8.6 2019-02-11 CVE-2019-5736

runc through 1.0-rc6, as used in Docker before 18.09.2 and other products, allows attackers to overwrite the host runc binary (and consequently obtain host root access) by leveraging the ability to execute a command as root within one of these types of containers: (1) a new container with an attacker-controlled image, or (2) an existing container, to which the attacker previously had write access, that can be attached with docker exec. This occurs because of file-descriptor mishandling, related to /proc/self/exe.

CWE : Common Weakness Enumeration

% id Name
17% (4) CWE-787 Out-of-bounds Write
17% (4) CWE-476 NULL Pointer Dereference
13% (3) CWE-200 Information Exposure
8% (2) CWE-59 Improper Link Resolution Before File Access ('Link Following')
8% (2) CWE-20 Improper Input Validation
4% (1) CWE-770 Allocation of Resources Without Limits or Throttling
4% (1) CWE-667 Insufficient Locking
4% (1) CWE-416 Use After Free
4% (1) CWE-400 Uncontrolled Resource Consumption ('Resource Exhaustion')
4% (1) CWE-125 Out-of-bounds Read
4% (1) CWE-122 Heap-based Buffer Overflow
4% (1) CWE-94 Failure to Control Generation of Code ('Code Injection')
4% (1) CWE-78 Improper Sanitization of Special Elements used in an OS Command ('O...

Snort® IPS/IDS

Date Description
2019-03-19 Multiple products runc arbitrary code execution attempt
RuleID : 49195 - Type : SERVER-OTHER - Revision : 2

Nessus® Vulnerability Scanner

This CPE has more than 25 relations. If you want to see a complete summary for this CPE, please contact us.
Date Description
2017-08-17 Name: The remote Gentoo host is missing one or more security-related patches.
File: gentoo_GLSA-201708-01.nasl - Type: ACT_GATHER_INFO
2017-08-03 Name: The remote AIX host has a version of bind installed that is affected by a den...
File: aix_bind_advisory15.nasl - Type: ACT_GATHER_INFO
2017-07-13 Name: The remote Virtuozzo host is missing a security update.
File: Virtuozzo_VZLSA-2017-0062.nasl - Type: ACT_GATHER_INFO
2017-06-29 Name: The remote Red Hat host is missing one or more security updates.
File: redhat-RHSA-2017-1583.nasl - Type: ACT_GATHER_INFO
2017-05-01 Name: The remote EulerOS host is missing multiple security updates.
File: EulerOS_SA-2017-1026.nasl - Type: ACT_GATHER_INFO
2017-05-01 Name: The remote EulerOS host is missing multiple security updates.
File: EulerOS_SA-2017-1025.nasl - Type: ACT_GATHER_INFO
2017-03-08 Name: The remote AIX host is missing a security patch.
File: aix_IV93403.nasl - Type: ACT_GATHER_INFO
2017-03-08 Name: The remote AIX host is missing a security patch.
File: aix_IV93366.nasl - Type: ACT_GATHER_INFO
2017-03-08 Name: The remote AIX host is missing a security patch.
File: aix_IV93365.nasl - Type: ACT_GATHER_INFO
2017-03-08 Name: The remote AIX host is missing a security patch.
File: aix_IV93363.nasl - Type: ACT_GATHER_INFO
2017-03-08 Name: The remote AIX host is missing a security patch.
File: aix_IV93362.nasl - Type: ACT_GATHER_INFO
2017-03-08 Name: The remote AIX host is missing a security patch.
File: aix_IV93361.nasl - Type: ACT_GATHER_INFO
2017-01-30 Name: The remote Debian host is missing a security update.
File: debian_DLA-805.nasl - Type: ACT_GATHER_INFO
2017-01-19 Name: The remote openSUSE host is missing a security update.
File: openSUSE-2017-114.nasl - Type: ACT_GATHER_INFO
2017-01-19 Name: The remote name server is affected by multiple denial of service vulnerabilit...
File: bind9_CVE-2016-9131.nasl - Type: ACT_GATHER_INFO
2017-01-18 Name: The remote Oracle Linux host is missing one or more security updates.
File: oraclelinux_ELSA-2017-0062.nasl - Type: ACT_GATHER_INFO
2017-01-18 Name: The remote openSUSE host is missing a security update.
File: openSUSE-2017-109.nasl - Type: ACT_GATHER_INFO
2017-01-18 Name: The remote CentOS host is missing one or more security updates.
File: centos_RHSA-2017-0062.nasl - Type: ACT_GATHER_INFO
2017-01-17 Name: The remote Scientific Linux host is missing one or more security updates.
File: sl_20170116_bind_on_SL7_x.nasl - Type: ACT_GATHER_INFO
2017-01-17 Name: The remote Fedora host is missing a security update.
File: fedora_2017-8f23f564ad.nasl - Type: ACT_GATHER_INFO
2017-01-17 Name: The remote Fedora host is missing a security update.
File: fedora_2017-59ca54c94e.nasl - Type: ACT_GATHER_INFO
2017-01-16 Name: The remote Red Hat host is missing one or more security updates.
File: redhat-RHSA-2017-0062.nasl - Type: ACT_GATHER_INFO
2017-01-16 Name: The remote Fedora host is missing a security update.
File: fedora_2017-f44f2f5a48.nasl - Type: ACT_GATHER_INFO
2017-01-16 Name: The remote Fedora host is missing a security update.
File: fedora_2017-87992a0557.nasl - Type: ACT_GATHER_INFO
2017-01-13 Name: The remote Ubuntu host is missing a security-related patch.
File: ubuntu_USN-3172-1.nasl - Type: ACT_GATHER_INFO