Security Advisories

NetApp’s available Security Advisories are listed below.

To receive notifications when new information is available, subscribe to the RSS 2.0 feed using your preferred RSS reader. Email subscriptions are not available for this page.

ID Title Last Updated
NTAP-20180117-0003 CVE-2017-3145 ISC BIND Vulnerability in NetApp Products 2018-01-17
NTAP-20180117-0001 January 2018 Java Platform Standard Edition Vulnerabilities in NetApp Products 2018-01-17
NTAP-20180117-0002 January 2018 MySQL vulnerabilities in NetApp Products 2018-01-17
NTAP-20180112-0001 September 2017 PHP Vulnerabilities in NetApp Products 2018-01-12
NTAP-20180109-0001 CVE-2017-8779 rpcbind Vulnerability in NetApp Products 2018-01-12
NTAP-20180104-0001 Processor Speculated Execution Vulnerabilities in NetApp Products 2018-01-17
NTAP-20171222-0001 CVE-2017-13098 Bouncy Castle TLS Vulnerability in NetApp Products 2018-01-09
NTAP-20171215-0001 CVE-2017-14583 SMB Authentication Denial of Service (DoS) vulnerability in clustered Data ONTAP 9.x 2017-12-15
NTAP-20171214-0003 CVE-2017-15095 Jackson JSON Library vulnerability in NetApp Products 2018-01-16
NTAP-20171214-0001 CVE-2017-15707 Apache Struts Vulnerability in NetApp Products 2017-12-18
NTAP-20171214-0002 CVE-2017-7525 Jackson JSON Library Vulnerability in NetApp Products 2018-01-09
NTAP-20171208-0002 CVE-2016-6904 Plain Text Authentication vulnerability in VASA Provider for Clustered Data ONTAP 2017-12-08
NTAP-20171208-0001 December 2017 OpenSSL Vulnerabilities in NetApp Products 2018-01-05
NTAP-20171130-0003 CVE-2016-6515 OpenSSH Vulnerability in NetApp Products 2017-12-22
NTAP-20171130-0001 CVE-2016-8610 OpenSSL Vulnerability in NetApp Products 2018-01-09
NTAP-20171130-0002 January 2017 OpenSSH Vulnerabilities in NetApp Products 2017-11-30
NTAP-20171120-0001 Intel SA-00086 Management Engine Vulnerabilities in NetApp Products 2017-11-20
NTAP-20171116-0001 CVE-2017-15517 AltaVault OST Plug-in Sensitive Information Vulnerability 2017-11-16
NTAP-20171114-0001 CVE-2017-15516 Cross-Site Request Forgery Vulnerability in SnapCenter Server 2017-11-14
NTAP-20171107-0001 CVE-2017-11461 Clickjacking Vulnerability in OnCommand Unified Manager for 7-mode (core package) 2017-11-07
NTAP-20171107-0002 CVE-2017-3736 OpenSSL Vulnerability in NetApp Products 2017-12-12
NTAP-20171031-0001 January 2016 Network Time Protocol Daemon (ntpd) Vulnerabilities in NetApp Products 2017-10-31
NTAP-20171024-0001 CVE-2017-15361 Infineon RSA Library Vulnerability in NetApp Products 2017-10-24
NTAP-20171019-0001 October 2017 Java Platform Standard Edition Vulnerabilities in NetApp Products 2017-12-22
NTAP-20171019-0002 October 2017 MySQL Vulnerabilities in NetApp Products 2017-12-21
NTAP-20171018-0001 August 2017 Apache Tomcat Vulnerabilities in NetApp Products 2017-11-28
NTAP-20171018-0002 CVE-2017-12617 Apache Tomcat Vulnerability in NetApp Products 2017-11-28
NTAP-20171004-0002 April 2016 Network Time Protocol Daemon (ntpd) Vulnerabilities in Multiple NetApp Products 2017-11-29
NTAP-20171004-0001 October 2015 Network Time Protocol Daemon (ntpd) Vulnerabilities in Multiple NetApp Products 2017-10-04
NTAP-20170927-0001 CVE-2017-3735 OpenSSL Vulnerability in Multiple NetApp Products 2017-12-12
NTAP-20170921-0001 September 2017 Samba Vulnerabilities in NetApp StorageGRID Products 2017-09-21
NTAP-20170911-0001 CVE-2017-12611 Apache Struts Vulnerability in Multiple NetApp Products 2017-09-11
NTAP-20170911-0002 July 2017 Apache httpd Server Vulnerabilities in Multiple NetApp Products 2017-10-12
NTAP-20170907-0001 CVE-2017-9805 Apache Struts Vulnerability in Multiple NetApp Products 2017-09-08
NTAP-20170831-0003 CVE-2016-1895 Unsafe User Input String Vulnerability in Data ONTAP 2017-08-31
NTAP-20170831-0001 CVE-2017-14053 Session Cookie Vulnerability in OnCommand Unified Manager for Clustered Data ONTAP 2017-08-31
NTAP-20170831-0002 Unauthorized Read and Remote Code Execution Vulnerabilities in clustered Data ONTAP 8.3 2017-09-05
NTAP-20170825-0001 CVE-2017-12422 Unauthorized Object Deletion Vulnerability in StorageGRID WebScale 2017-08-25
NTAP-20170815-0001 CVE-1999-0016 Denial of Service Vulnerability in Data ONTAP 2017-08-15
NTAP-20170815-0002 CVE-2017-12859 Denial of Service Vulnerability in Data ONTAP operating in 7-Mode 2017-10-11
NTAP-20170814-0001 CVE-2017-12420 Heap Overflow Vulnerability in clustered Data ONTAP 2017-08-15
NTAP-20170809-0001 CVE-2017-5201 Sensitive Information Disclosure Vulnerability in Clustered Data ONTAP 2017-08-09
NTAP-20170808-0001 Linux Memory Management Vulnerabilities in Multiple NetApp Products 2017-11-09
NTAP-20170803-0001 June 2017 sudo Vulnerabilities in Multiple NetApp Products 2017-11-09
NTAP-20170720-0001 July 2017 Java Platform Standard Edition Vulnerabilities in Multiple NetApp Products 2017-12-22
NTAP-20170720-0002 July 2017 MySQL Vulnerabilities in Multiple NetApp Products 2017-10-20
NTAP-20170718-0001 CVE-2017-8919 Information Disclosure Vulnerability in OnCommand API Services 2017-07-18
NTAP-20170630-0001 CVE-2017-7947 Information Disclosure Vulnerability in clustered Data ONTAP 2017-07-14
NTAP-20170526-0001 March 2017 Network Time Protocol Daemon (ntpd) Vulnerabilities in Multiple NetApp Products 2017-09-22
NTAP-20170524-0001 CVE-2017-7494 Samba Remote Code Execution Vulnerability in StorageGRID Products 2017-06-16
NTAP-20170517-0001 CVE-2017-7236: SQL Injection vulnerability in OnCommand Unified Manager Core Package (5.x) 2017-05-17
NTAP-20170517-0002 CVE-2017-7439: Information Disclosure vulnerability in OnCommand Unified Manager Core Package (5.x) 2017-05-17
NTAP-20170509-0001 CVE-2017-5689 Intel Management Engine Vulnerability in Multiple NetApp Products 2017-05-10
NTAP-20170420-0001 April 2017 Java Platform Standard Edition Vulnerabilities in Multiple NetApp Products 2017-08-24
NTAP-20170420-0002 April 2017 MySQL Vulnerabilities in Multiple NetApp Products 2017-10-20
NTAP-20170331-0001 CVE-2017-5988 Denial of Service Vulnerability in clustered Data ONTAP 8.1 and higher 2017-05-25
NTAP-20170331-0002 CVE-2017-7345 JMX RMI Information Disclosure Vulnerability in Multiple NetApp Products 2017-03-31
NTAP-20170323-0001 CVE-2016-5045 Cluster Peering Vulnerability in OnCommand System Manager 8.3.x 2017-03-23
NTAP-20170310-0001 CVE-2017-5638 Apache Struts Vulnerability in Multiple NetApp Products 2017-03-10
NTAP-20170310-0002 November 2016 Network Time Protocol Daemon (ntpd) Vulnerabilities in Multiple NetApp Products 2017-09-22
NTAP-20170228-0002 CVE-2016-5374 Missing SMB Authorization Check Vulnerability in ONTAP 9 2017-02-28
NTAP-20170228-0001 CVE-2017-5995 ONTAP Select Deploy Sensitive Information Vulnerability 2017-02-28
NTAP-20170131-0001 CVE-2017-5600 Default Privileged Account Vulnerability in OnCommand Insight Data Warehouse 2017-02-15
NTAP-20170127-0001 January 2017 OpenSSL Vulnerabilities in Multiple NetApp Products 2017-12-12
NTAP-20170119-0001 January 2017 Java Platform Standard Edition Vulnerabilities in Multiple NetApp Products 2017-10-31
NTAP-20170119-0002 January 2017 MySQL Vulnerabilities in Multiple NetApp Products 2017-10-20
NTAP-20161220-0001 CVE-2016-7172 Sensitive Information Disclosure in Snap Creator Framework 2016-12-20
NTAP-20161219-0001 December 2016 Samba Vulnerabilities in Multiple NetApp Products 2017-10-06
NTAP-20161129-0001 CVE-2016-7171 Non-Unique Certificate Vulnerability in NetApp Plug-in for Symantec NetBackup 2016-11-29
NTAP-20161108-0001 CVE-2016-5711 Non-Unique Certificate Vulnerability in Virtual Storage Console 2016-11-08
NTAP-20161028-0001 CVE-2016-4341 SMB Share Information Disclosure Vulnerability in Clustered Data ONTAP 2016-10-28
NTAP-20161025-0001 CVE-2016-5195 Kernel Local Privilege Escalation Vulnerability in Multiple NetApp Products 2017-03-15
NTAP-20161019-0001 October 2016 Java Platform Standard Edition Vulnerabilities in Multiple NetApp Products 2017-10-31
NTAP-20161019-0002 October 2016 MySQL Vulnerabilities in Multiple NetApp Products 2017-10-20
NTAP-20161017-0001 CVE-2010-1871 JBoss Seam Vulnerability in Multiple NetApp Products 2016-10-24
NTAP-20161017-0002 CVE-2016-6667 Default Privileged Account Credentials Vulnerability in OnCommand Unified Manager for Clustered Data ONTAP 2016-10-17
NTAP-20160930-0001 CVE-2016-2776 ISC BIND Vulnerability in Multiple NetApp Products 2017-09-20
NTAP-20160929-0001 CVE-2016-6495 Information Disclosure Vulnerability in Data ONTAP operating in 7-Mode 2016-09-29
NTAP-20160928-0001 September 2016 OpenSSL Vulnerabilities in Multiple NetApp Products 2017-12-22
NTAP-20160915-0001 CVE-2016-2183 TLS Protocol 64-bit Cipher Vulnerability in Multiple NetApp Products 2017-10-31
NTAP-20160830-0002 CVE-2016-3064 Sensitive Information Disclosure Vulnerability in Clustered Data ONTAP 2016-08-30
NTAP-20160830-0001 CVE-2016-5047 Denial of Service Vulnerability in OnCommand System Manager 8.3.x 2016-08-30
NTAP-20160816-0001 CVE-2016-6820 Sensitive Information Disclosure in MetroCluster Tiebreaker for clustered Data ONTAP 2016-08-16
NTAP-20160802-0001 CVE-2015-8020 Default Privileged Account Credentials Vulnerability in in Clustered Data ONTAP 2016-08-02
NTAP-20160722-0002 CVE-2016-2775 ISC BIND Vulnerability in Multiple NetApp Products 2017-03-08
NTAP-20160722-0001 June 2016 Network Time Protocol Daemon (ntpd) Vulnerabilities in NetApp Products 2017-10-20
NTAP-20160721-0001 July 2016 Java Platform Standard Edition Vulnerabilities in Multiple NetApp Products 2017-10-31
NTAP-20160721-0002 July 2016 MySQL Vulnerabilities in Multiple NetApp Products 2017-01-10
NTAP-20160623-0001 CVE-2015-3253 Apache Groovy Vulnerability in OnCommand Insight 2016-06-23
NTAP-20160623-0004 Denial of Service Vulnerability in ATTO FibreBridge 7500N 2016-07-03
NTAP-20160623-0003 Multiple Elasticsearch Vulnerabilities in OnCommand Insight Anomaly Detection Engine 2016-06-28
NTAP-20160623-0002 Multiple Unauthenticated Remote Code Execution Vulnerabilities in OnCommand Insight 2016-06-23
NTAP-20160622-0001 CVE-2016-5372 Cross-Site Request Forgery Vulnerability in Snap Creator Framework 2016-06-22
NTAP-20160620-0001 CVE-2016-5710 Clickjacking Vulnerability in Snap Creator Framework 2016-06-20
NTAP-20160602-0001 OVA Build Inconsistencies Resulting in Vulnerability Regressions in Multiple NetApp Products 2016-06-14
NTAP-20160519-0001 May 2016 OpenSSH Vulnerabilities in Multiple NetApp Products 2017-10-13
NTAP-20160504-0001 May 2016 OpenSSL Vulnerabilities in Multiple NetApp Products 2017-12-12
NTAP-20160421-0001 April 2016 MySQL Vulnerabilities in Multiple NetApp Products 2017-02-24
NTAP-20160420-0001 April 2016 Java Platform Standard Edition Vulnerabilities in Multiple NetApp Products 2017-11-02
NTAP-20160412-0001 SMB Vulnerabilities in Multiple NetApp Products 2017-05-12
NTAP-20160330-0001 August 2015 OpenSSH Vulnerabilities in Multiple NetApp Products 2017-03-08
NTAP-20160328-0001 CVE-2016-0636 Java Platform Standard Edition Vulnerability in Multiple NetApp Products 2017-10-02
NTAP-20160324-0001 CVE-2015-3963 VxWorks Vulnerability impacting NetApp E-Series/EF-Series SANtricity OS Controller Firmware 2016-04-26
NTAP-20160322-0001 January 2016 ISC BIND Vulnerabilities in Multiple NetApp Products 2017-09-20
NTAP-20160322-0002 March 2016 ISC BIND Vulnerabilities in Multiple NetApp Products 2017-09-20
NTAP-20160321-0001 CVE-2016-2842 OpenSSL Vulnerability in Multiple NetApp Products 2017-12-12
NTAP-20160317-0001 December 2015 ISC BIND Vulnerabilities in Multiple NetApp Products 2017-01-03
NTAP-20160310-0003 CVE-2015-8322 Arbitrary Code Execution Vulnerability in OnCommand System Manager 8.3.x 2016-08-11
NTAP-20160310-0002 CVE-2016-1563 TLS Certificate Verification vulnerability in Clustered Data ONTAP 2016-03-10
NTAP-20160310-0001 CVE-2016-1894 Authentication Bypass Vulnerability in OnCommand Workflow Automation 2016-03-11
NTAP-20160310-0004 CVE-2016-3063 ZAPI Injection Vulnerability in OnCommand System Manager 2016-08-11
NTAP-20160303-0001 March 2016 OpenSSL Vulnerabilities in Multiple NetApp Products 2017-12-12
NTAP-20160301-0001 CVE-2016-0800 SSLv2 Vulnerability in Multiple NetApp Products 2017-11-09
NTAP-20160225-0001 CVE-2015-7575 TLS Vulnerability in Multiple NetApp Products 2017-11-29
NTAP-20160217-0002 CVE-2015-7547 GNU C Library (glibc) Vulnerability in Multiple NetApp Products 2017-09-20
NTAP-20160217-0001 CVE-2016-0603 Java Platform Standard Edition Vulnerability in Multiple NetApp Products 2017-03-22
NTAP-20160211-0001 CVE-2016-0728 Linux kernel Privilege Escalation Vulnerability in Multiple NetApp Products 2016-03-01
NTAP-20160201-0001 January 2016 OpenSSL Vulnerabilities in Multiple NetApp Products 2017-11-14
NTAP-20160126-0001 January 2016 OpenSSH Vulnerabilities in Multiple NetApp Products 2016-12-23
NTAP-20160121-0001 January 2016 Java Platform Standard Edition Vulnerabilities in Multiple NetApp Products 2017-10-02
NTAP-20160121-0002 January 2016 MySQL Vulnerabilities in Multiple NetApp Products 2017-01-10
NTAP-20160114-0001 CVE-2015-5477 ISC BIND Vulnerability in Clustered Data ONTAP 2016-01-14
NTAP-20160114-0002 CVE-2015-7886 HTTPD Access Control Bypass Vulnerability in Data ONTAP operating in 7-Mode 2016-01-14
NTAP-20160111-0002 Authentication Bypass Vulnerability in SnapCenter Server 1.0 & 1.0P1 2016-01-11
NTAP-20160111-0001 CVE-2015-8544 Sensitive Information Disclosure in SnapDrive for Windows 2016-01-13
NTAP-20151207-0001 December 2015 OpenSSL Vulnerabilities in Multiple NetApp Products 2017-02-28
NTAP-20151123-0001 Apache Commons Collection Java Deserialization Vulnerability in Multiple NetApp Products 2017-11-28
NTAP-20151112-0001 UTF-8 Volume Language Authentication Bypass Vulnerability in Data ONTAP operating in 7-Mode 2017-08-30
NTAP-20151106-0001 CVE-2015-5600 OpenSSH MaxAuthTries Bypass Vulnerability in Multiple NetApp Products 2017-02-07
NTAP-20151102-0001 Web Server Debugging Functions Vulnerability in OnCommand Workflow Automation 2015-11-02
NTAP-20151030-0001 October 2015 MySQL Vulnerabilities in Multiple NetApp Products 2016-08-11
NTAP-20151029-0001 CVE-2015-7599 VxWorks Vulnerability impacting NetApp E-Series products 2016-01-19
NTAP-20151028-0001 October 2015 Java Platform Standard Edition Vulnerabilities in Multiple NetApp Products 2017-03-22
NTAP-20151026-0001 Authentication Bypass Vulnerability in SnapCenter Server 1.0 2016-01-07
NTAP-20150716-0001 July 2015 MySQL Vulnerabilities in Multiple NetApp Products 2015-12-03
NTAP-20150715-0001 July 2015 Java Platform Standard Edition Vulnerabilities in Multiple NetApp Products 2017-03-22
NTAP-20150619-0001 CVE-2015-4000 Diffie-Hellman Export Cipher Suite vulnerability in Multiple NetApp Products 2017-10-02
NTAP-20150616-0001 June 2015 OpenSSL Vulnerabilities in Multiple NetApp Products 2017-08-15
NTAP-20150417-0001 April 2015 Java Platform Standard Edition Vulnerabilities in Multiple NetApp Products 2017-03-22
NTAP-20150417-0002 April 2015 MySQL Vulnerabilities in Multiple NetApp Products 2016-09-21
NTAP-20150417-0003 CVE-2015-2575 MySQL Connector/J Vulnerability in Multiple NetApp Products 2016-08-31
NTAP-20150323-0002 March 2015 OpenSSL Vulnerabilities in Multiple NetApp Products 2017-08-15
NTAP-20150304-0001 January 2015 MySQL Vulnerabilities in Multiple NetApp Products 2016-09-21
NTAP-20150209-0001 CVE-2003-1418 Apache ETag Inode Disclosure Vulnerability in Clustered Data ONTAP 2015-02-09
NTAP-20150205-0001 January 2015 OpenSSL Vulnerabilities in Multiple NetApp Products 2016-08-31
NTAP-20150127-0001 CVE-2015-0235 GNU C Library (glibc) Vulnerability in Multiple NetApp Products 2017-02-21
NTAP-20150126-0001 January 2015 Java Runtime Environment (JRE) Vulnerabilities in Multiple NetApp Products 2017-03-22
NTAP-20150122-0002 CVE-2003-0028 XDR Libraries Integer Overflow Vulnerability in Data ONTAP 2017-08-24
NTAP-20150122-0003 CVE-2014-4877 GNU Wget Vulnerability in Multiple NetApp Products 2015-03-24
NTAP-20150122-0001 RC4 Cipher Vulnerabilities in Multiple NetApp Products 2017-10-19
NTAP-20150115-0001 CVE-2014-9353 Default Privileged Account Credentials Vulnerability in OnCommand Balance 2015-01-15
NTAP-20150115-0002 CVE-2014-9354 Cleartext Storage of Sensitive Information in OnCommand Balance 2015-01-23
NTAP-20141222-0001 Network Time Protocol Daemon (ntpd) 4.2.7 Vulnerabilities in NetApp Products 2015-01-05
NTAP-20141125-0001 July 2014 Oracle MySQL vulnerabilities in Multiple NetApp Products 2016-08-23
NTAP-20141119-0001 October 2014 Oracle MySQL vulnerabilities in Multiple NetApp Products 2015-06-25
NTAP-20141030-0001 August 2014 OpenSSL CVE Bundle Security Vulnerabilities in Multiple NetApp Products 2016-11-30
NTAP-20141030-0002 CVE-2010-3613 BIND Vulnerability in Clustered Data ONTAP 2014-12-02
NTAP-20141030-0003 CVE-2012-1667 BIND Vulnerability in Clustered Data ONTAP 2014-12-23
NTAP-20141028-0002 GNUTLS Buffer Overflow vulnerabilities in Select NetApp Products 2015-04-09
NTAP-20141028-0001 July 2014 Java Runtime Environment (JRE) vulnerabilities in Multiple NetApp Products 2017-03-22
NTAP-20141024-0001 GNUTLS Certification Validation Bypass vulnerability in Select NetApp Products 2014-12-22
NTAP-20141023-0001 October 2014 Java Runtime Environment (JRE) Vulnerabilities in Multiple NetApp Products 2017-03-22
NTAP-20141015-0001 CVE-2014-3566 SSL v3.0 Nondeterministic CBC Padding Vulnerability in Multiple NetApp Products 2017-02-14
NTAP-20141015-0002 October 2014 OpenSSL Vulnerabilities in Multiple NetApp Products 2016-12-13
NTAP-20140924-0001 Bash Code Injection Vulnerability in Select NetApp Products 2015-03-11
NTAP-20140911-0001 CVE-2014-0114 Apache Struts Class Suppression Vulnerability in Multiple NetApp Products 2017-04-06