Netapp Ontap Select Deploy Administration Utility vulnerabilities

7 known vulnerabilities affecting netapp/ontap_select_deploy_administration_utility.

Total CVEs
7
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL4HIGH3

Vulnerabilities

Page 1 of 1
CVE-2024-21990CRITICALCVSS 9.8≥ 9.12.1, ≤ 9.14.12024-04-17
CVE-2024-21990 [MEDIUM] CWE-259 CVE-2024-21990: ONTAP Select Deploy administration utility versions 9.12.1.x, 9.13.1.x and 9.14.1.x contain hard-co ONTAP Select Deploy administration utility versions 9.12.1.x, 9.13.1.x and 9.14.1.x contain hard-coded credentials that could allow an attacker to view Deploy configuration information and modify the account credentials.
cvelistv5nvd
CVE-2024-21989HIGHCVSS 8.8≥ 9.12.1, ≤ 9.14.12024-04-17
CVE-2024-21989 [HIGH] CWE-269 CVE-2024-21989: ONTAP Select Deploy administration utility versions 9.12.1.x, 9.13.1.x and 9.14.1.x are susceptible ONTAP Select Deploy administration utility versions 9.12.1.x, 9.13.1.x and 9.14.1.x are susceptible to a vulnerability which when successfully exploited could allow a read-only user to escalate their privileges.
cvelistv5nvd
CVE-2019-5509CRITICALCVSS 9.8≥ 2.11.2, ≤ 2.12.2v2.11.2 through 2.12.22019-11-21
CVE-2019-5509 [CRITICAL] CWE-94 CVE-2019-5509: ONTAP Select Deploy administration utility versions 2.11.2 through 2.12.2 are susceptible to a code ONTAP Select Deploy administration utility versions 2.11.2 through 2.12.2 are susceptible to a code injection vulnerability which when successfully exploited could allow an unauthenticated remote attacker to enable and use a privileged user account.
cvelistv5nvd
CVE-2019-17272HIGHCVSS 7.2vAll versions2019-11-21
CVE-2019-17272 [HIGH] CVE-2019-17272: All versions of ONTAP Select Deploy administration utility are susceptible to a vulnerability which All versions of ONTAP Select Deploy administration utility are susceptible to a vulnerability which when successfully exploited could allow an administrative user to escalate their privileges.
cvelistv5nvd
CVE-2019-5504CRITICALCVSS 9.8v2.12v2.12.12019-09-24
CVE-2019-5504 [CRITICAL] CWE-306 CVE-2019-5504: ONTAP Select Deploy administration utility versions 2.12 & 2.12.1 ship with an HTTP service bound to ONTAP Select Deploy administration utility versions 2.12 & 2.12.1 ship with an HTTP service bound to the network allowing unauthenticated remote attackers to perform administrative actions.
nvd
CVE-2019-5505CRITICALCVSS 9.8≥ 2.2, ≤ 2.12.12019-09-24
CVE-2019-5505 [CRITICAL] CWE-319 CVE-2019-5505: ONTAP Select Deploy administration utility versions 2.2 through 2.12.1 transmit credentials in plain ONTAP Select Deploy administration utility versions 2.2 through 2.12.1 transmit credentials in plaintext.
nvd
CVE-2017-5995HIGHCVSS 7.5v2.0v2.1+2 more2017-03-01
CVE-2017-5995 [HIGH] CWE-200 CVE-2017-5995: The NetApp ONTAP Select Deploy administration utility 2.0 through 2.2.1 might allow remote attackers The NetApp ONTAP Select Deploy administration utility 2.0 through 2.2.1 might allow remote attackers to obtain sensitive information via unspecified vectors.
nvd