Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

NetApp — Vulnerabilities & Security Advisories 66

Browse all 66 CVE security advisories affecting NetApp. AI-powered Chinese analysis, POCs, and references for each vulnerability.

NetApp operates primarily as a provider of data storage hardware and software solutions, enabling organizations to manage, protect, and analyze data across hybrid cloud environments. With sixty-six recorded Common Vulnerabilities and Exposures (CVEs), the company’s attack surface has historically been impacted by critical flaws, particularly remote code execution (RCE) and cross-site scripting (XSS) vulnerabilities within its management interfaces and web-based administration tools. These defects often stem from insufficient input validation or improper access controls in legacy components. While major public breaches directly attributed to NetApp infrastructure are rare, the high volume of CVEs indicates persistent challenges in securing complex enterprise storage ecosystems. Security updates are regularly deployed to mitigate these risks, yet the breadth of the product portfolio necessitates rigorous patch management to prevent exploitation of known weaknesses in both on-premises and cloud-integrated systems.

Top products by NetApp: StorageGRID SnapCenter ONTAP 9 StorageGRID (formerly StorageGRID Webscale) Clustered Data ONTAP ONTAP Select Deploy administration utility SnapCenter Server Data ONTAP operating in 7-Mode OnCommand Unified Manager for 7-Mode (core package) OnCommand Unified Manager for Linux E-Series SANtricity OS Controller Software AFF A700s Baseboard Management Controller NetApp FAS 8300/8700 and AFF A400 Baseboard Management Controller OnCommand Workflow Automation NetApp HCI Baseboard Management Controller (BMC) HCI H610C, NetApp HCI Baseboard Management Controller (BMC) HCI H615C, NetApp HCI Baseboard Management Controller (BMC) HCI H610S SnapGathers SnapCenter Plugin for VMware vSphere ONTAP Mediator ONTAP 9 StorageGRID (formerly StorageGRID Webscale) Instaclustr fork of Stratio's Cassandra-Lucene-Index plugin SAN Host Utilities for Windows OnCommand Insight OnCommand Unified Manager for VMware vSphere,Linux and Windows 7.2 and above OnCommand Unified Manager 7-Mode OnCommand Cloud Manager VASA Provider for Clustered Data ONTAP ATTO FibreBridge 7500N StorageGRID Webscale 7-Mode Transition Tool
CVE IDTitleCVSSSeverityPublished
CVE-2026-22051 NetApp StorageGRID 安全漏洞 — StorageGRID (formerly StorageGRID Webscale) 4.3AIMediumAI2026-04-20
CVE-2026-22052 NetApp ONTAP 安全漏洞 — ONTAP 9 4.3AIMediumAI2026-03-04
CVE-2026-22048 NetApp StorageGRID 安全漏洞 — StorageGRID (formerly StorageGRID Webscale) 7.1 High2026-02-17
CVE-2026-22050 NetApp ONTAP 安全漏洞 — ONTAP 9 2.7AILowAI2026-01-12
CVE-2025-26517 CVE-2025-26517 Privilege Escalation Vulnerability in StorageGRID (formerly StorageGRID Webscale) — StorageGRIDCWE-266 5.4 Medium2025-09-19
CVE-2025-26516 CVE-2025-26516 Denial of Service Vulnerability in StorageGRID (formerly StorageGRID Webscale) — StorageGRIDCWE-405 5.3 Medium2025-09-19
CVE-2025-26515 CVE-2025-26515 Server-Side Request Forgery Vulnerability in StorageGRID (formerly StorageGRID Webscale) — StorageGRIDCWE-918 7.5 High2025-09-19
CVE-2025-26514 CVE-2025-26514 Reflected Cross-Site Scripting Vulnerability in StorageGRID (formerly StorageGRID Webscale) — StorageGRIDCWE-79 6.4 Medium2025-09-19
CVE-2025-26513 NetApp SAN Host Utilities for Windows 安全漏洞 — SAN Host Utilities for Windows 7.0 High2025-08-07
CVE-2025-26512 CVE-2025-26512 Privilege Escalation Vulnerability in SnapCenter — SnapCenterCWE-266 9.9 Critical2025-03-24
CVE-2025-26511 Cassandra-Lucene-Index allows bypass of Cassandra RBAC — Instaclustr fork of Stratio's Cassandra-Lucene-Index pluginCWE-863 8.8 High2025-02-13
CVE-2024-21994 CVE-2024-21994 Denial of Service Vulnerability in StorageGRID (formerly StorageGRID Webscale) — StorageGRID 4.3 Medium2024-11-08
CVE-2024-21993 Information Disclosure Vulnerability in SnapCenter — SnapCenter 5.7 Medium2024-07-09
CVE-2024-21988 CVE-2024-21988 SSH Cryptographic Implementation Vulnerability in StorageGRID (formerly StorageGRID Webscale) — StorageGRID (formerly StorageGRID Webscale) 5.3 Medium2024-06-14
CVE-2024-21990 Default Privileged Account Credentials Vulnerability in ONTAP Select Deploy administration utility — ONTAP Select Deploy administration utilityCWE-259 5.4 Medium2024-04-17
CVE-2024-21989 Privilege Escalation Vulnerability in ONTAP Select Deploy administration utility — ONTAP Select Deploy administration utilityCWE-269 8.1 High2024-04-17
CVE-2024-21984 Reflected Cross-Site Scripting Vulnerability in StorageGRID (formerly StorageGRID Webscale) — StorageGRIDCWE-79 5.9 Medium2024-02-16
CVE-2024-21983 Denial of Service Vulnerability in StorageGRID (formerly StorageGRID Webscale) — StorageGRIDCWE-248 6.5 Medium2024-02-16
CVE-2024-21987 Improper Authorization Vulnerability in SnapCenter — SnapCenterCWE-285 5.4 Medium2024-02-16
CVE-2023-27318 Denial of Service Vulnerability in StorageGRID (formerly StorageGRID Webscale) — StorageGRID (formerly StorageGRID Webscale) CWE-248 6.5 Medium2024-02-05
CVE-2024-21985 Privilege Escalation Vulnerability in ONTAP 9 — ONTAP 9CWE-269 7.6 High2024-01-26
CVE-2024-21982 CVE-2024-21982 Information Disclosure Vulnerability in ONTAP 9 — ONTAP 9 4.8 Medium2024-01-11
CVE-2023-27319 CVE-2023-27319 Information Disclosure Vulnerability in ONTAP Mediator — ONTAP MediatorCWE-209 5.3 Medium2023-12-21
CVE-2023-27317 Information Disclosure Vulnerability in ONTAP 9 — ONTAP 9CWE-200 4.3 Medium2023-12-15
CVE-2023-27316 Privilege Escalation Vulnerability in SnapCenter — SnapCenterCWE-269 8.8 High2023-10-12
CVE-2023-27314 Denial of Service Vulnerability in ONTAP 9 — ONTAP 9CWE-400 7.5 High2023-10-12
CVE-2023-27313 Privilege Escalation Vulnerability in SnapCenter — SnapCenterCWE-250 8.3 High2023-10-12
CVE-2023-27312 Privilege Escalation Vulnerability in SnapCenter Plugin for VMware vSphere — SnapCenter Plugin for VMware vSphereCWE-250 5.4 Medium2023-10-12
CVE-2023-27315 Information Disclosure Vulnerability in SnapGathers — SnapGathers CWE-256 6.5 Medium2023-10-12
CVE-2020-8573 NetApp HCI H610C、H615C和H610S Baseboard Management Controller 信任管理问题漏洞 — NetApp HCI Baseboard Management Controller (BMC) HCI H610C, NetApp HCI Baseboard Management Controller (BMC) HCI H615C, NetApp HCI Baseboard Management Controller (BMC) HCI H610S 6.5 -2020-06-29

This page lists every published CVE security advisory associated with NetApp. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.