Brocade San Navigator NetApp Brocade San Navigator

Do you want an email whenever new security vulnerabilities are reported in NetApp Brocade San Navigator?

By the Year

In 2022 there have been 1 vulnerability in NetApp Brocade San Navigator with an average score of 5.3 out of ten. Last year Brocade San Navigator had 1 security vulnerability published. At the current rates, it appears that the number of vulnerabilities last year and this year may equal out. Last year, the average CVE base score was greater by 3.70

Year Vulnerabilities Average Score
2022 1 5.30
2021 1 9.00
2020 0 0.00
2019 0 0.00
2018 0 0.00

It may take a day or so for new Brocade San Navigator vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.

Recent NetApp Brocade San Navigator Security Vulnerabilities

In spring framework versions prior to 5.3.20+ , 5.2.22+ and old unsupported versions, applications

CVE-2022-22970 5.3 - Medium - May 12, 2022

In spring framework versions prior to 5.3.20+ , 5.2.22+ and old unsupported versions, applications that handle file uploads are vulnerable to DoS attack if they rely on data binding to set a MultipartFile or javax.servlet.Part to a field in a model object.

Allocation of Resources Without Limits or Throttling

It was found that the fix to address CVE-2021-44228 in Apache Log4j 2.15.0 was incomplete in certain non-default configurations

CVE-2021-45046 9 - Critical - December 14, 2021

It was found that the fix to address CVE-2021-44228 in Apache Log4j 2.15.0 was incomplete in certain non-default configurations. This could allows attackers with control over Thread Context Map (MDC) input data when the logging configuration uses a non-default Pattern Layout with either a Context Lookup (for example, $${ctx:loginId}) or a Thread Context Map pattern (%X, %mdc, or %MDC) to craft malicious input data using a JNDI Lookup pattern resulting in an information leak and remote code execution in some environments and local code execution in all environments. Log4j 2.16.0 (Java 8) and 2.12.2 (Java 7) fix this issue by removing support for message lookup patterns and disabling JNDI functionality by default.

Marshaling, Unmarshaling

Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for Siemens Tracealertserverplus or by NetApp? Click the Watch button to subscribe.

NetApp
Vendor

subscribe