Ontap Select Deploy Administration Utility
CVE-2019-17272
HIGH
Severity by source
AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
1DescriptionNVD
All versions of ONTAP Select Deploy administration utility are susceptible to a vulnerability which when successfully exploited could allow an administrative user to escalate their privileges.
AnalysisAI
All versions of ONTAP Select Deploy administration utility are susceptible to a vulnerability which when successfully exploited could allow an administrative user to escalate their privileges. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Technical ContextAI
All versions of ONTAP Select Deploy administration utility are susceptible to a vulnerability which when successfully exploited could allow an administrative user to escalate their privileges. Affected products include: Netapp Ontap Select Deploy Administration Utility.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.
OpenSSH server (sshd) 9.1 introduced a double-free vulnerability during options.kex_algorithms handling. Rated medium se
Remote code execution in OpenSSH's sshd server (regression of CVE-2006-5051) allows unauthenticated remote attackers to
zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header
Sudo before 1.9.5p2 contains an off-by-one error that can result in a heap-based buffer overflow, which allows privilege
Python 3.x through 3.9.1 has a buffer overflow in PyCArg_repr in _ctypes/callproc.c, which may lead to remote code execu
In the GNU C Library (aka glibc or libc6) through 2.29, proceed_next_node in posix/regexec.c has a heap-based buffer ove
Heap buffer overflow in Freetype in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploi
OpenSSH through 8.7 allows remote attackers, who have a suspicion that a certain combination of username and public key
In libssh2 v1.9.0 and earlier versions, the SSH_MSG_DISCONNECT logic in packet.c has an integer overflow in a bounds che
In libssh2 before 1.9.0, kex_method_diffie_hellman_group_exchange_sha256_key_exchange in kex.c has an integer overflow t
Use After Free in GitHub repository vim/vim prior to 9.0.0882. Rated high severity (CVSS 7.8), this vulnerability is no
stab_xcoff_builtin_type in stabs.c in GNU Binutils through 2.37 allows attackers to cause a denial of service (heap-base
Same technique Privilege Escalation
View allShare
External POC / Exploit Code
Leaving vuln.today