Browse all 66 CVE security advisories affecting NetApp. AI-powered Chinese analysis, POCs, and references for each vulnerability.
NetApp operates primarily as a provider of data storage hardware and software solutions, enabling organizations to manage, protect, and analyze data across hybrid cloud environments. With sixty-six recorded Common Vulnerabilities and Exposures (CVEs), the company’s attack surface has historically been impacted by critical flaws, particularly remote code execution (RCE) and cross-site scripting (XSS) vulnerabilities within its management interfaces and web-based administration tools. These defects often stem from insufficient input validation or improper access controls in legacy components. While major public breaches directly attributed to NetApp infrastructure are rare, the high volume of CVEs indicates persistent challenges in securing complex enterprise storage ecosystems. Security updates are regularly deployed to mitigate these risks, yet the breadth of the product portfolio necessitates rigorous patch management to prevent exploitation of known weaknesses in both on-premises and cloud-integrated systems.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2020-8571 | NetApp StorageGRID 安全漏洞 — StorageGRID (formerly StorageGRID Webscale) | 7.5 | - | 2020-03-13 |
| CVE-2019-17275 | NetApp OnCommand Cloud Manager 安全漏洞 — OnCommand Cloud Manager | 9.8 | - | 2020-02-26 |
| CVE-2019-17274 | NetApp AFF A700s Baseboard Management Controller 安全漏洞 — NetApp FAS 8300/8700 and AFF A400 Baseboard Management Controller | 7.8 | - | 2020-02-26 |
| CVE-2019-17273 | E-Series SANtricity OS Controller Software 输入验证错误漏洞 — E-Series SANtricity OS Controller Software | 6.5 | - | 2020-01-30 |
| CVE-2019-17272 | NetApp ONTAP Select Deploy administration utility 输入验证错误漏洞 — ONTAP Select Deploy administration utility | 7.2 | - | 2019-11-21 |
| CVE-2019-5509 | NetApp ONTAP Select Deploy administration utility 代码注入漏洞 — ONTAP Select Deploy administration utility | 9.8 | - | 2019-11-21 |
| CVE-2019-5503 | NetApp OnCommand Workflow Automation 信息泄露漏洞 — OnCommand Workflow Automation | 7.5 | - | 2019-09-10 |
| CVE-2019-5501 | 7-Mode 信息泄露漏洞 — Data ONTAP operating in 7-Mode | 7.5 | - | 2019-08-02 |
| CVE-2019-5493 | 7-Mode 信息泄露漏洞 — Data ONTAP operating in 7-Mode | 6.2 | - | 2019-08-02 |
| CVE-2019-5497 | NetApp AFF A700s Baseboard Management Controller 命令注入漏洞 — AFF A700s Baseboard Management Controller | 9.8 | - | 2019-07-01 |
| CVE-2019-5496 | NetApp Oncommand Insight 信息泄露漏洞 — OnCommand Insight | 7.5 | - | 2019-05-10 |
| CVE-2019-5495 | NetApp OnCommand Unified Manager 安全特征问题漏洞 — OnCommand Unified Manager for VMware vSphere,Linux and Windows 7.2 and above | 7.5 | - | 2019-05-10 |
| CVE-2019-5494 | NetApp OnCommand Unified Manager 信息泄露漏洞 — OnCommand Unified Manager 7-Mode | 7.5 | - | 2019-05-10 |
| CVE-2018-5482 | NetApp SnapCenter 信息泄露漏洞 — SnapCenter Server | 5.3 | - | 2019-03-04 |
| CVE-2017-15515 | NetApp SnapCenter 跨站脚本漏洞 — SnapCenter Server | 4.8 | - | 2019-03-04 |
| CVE-2019-5491 | NetApp Clustered Data ONTAP 信息泄露漏洞 — Clustered Data ONTAP | 7.5 | - | 2019-02-27 |
| CVE-2018-5499 | ATTO FibreBridge 7500N 输入验证漏洞 — ATTO FibreBridge 7500N | 7.5 | - | 2019-02-12 |
| CVE-2018-5498 | NetApp Clustered Data ONTAP 输入验证错误漏洞 — Clustered Data ONTAP | 5.3 | - | 2019-02-01 |
| CVE-2018-5497 | NetApp Clustered Data ONTAP 安全漏洞 — Clustered Data ONTAP | 5.5 | - | 2019-01-24 |
| CVE-2018-5481 | NetApp OnCommand Unified Manager for 7-Mode 访问控制错误漏洞 — OnCommand Unified Manager for 7-Mode (core package) | 7.4 | - | 2019-01-07 |
| CVE-2018-5496 | NetApp Data ONTAP operating in 7-Mode 安全漏洞 — Data ONTAP operating in 7-Mode | 4.4 | - | 2018-12-04 |
| CVE-2018-5495 | NetApp StorageGRID Webscale 安全漏洞 — StorageGRID Webscale | 9.8 | - | 2018-11-14 |
| CVE-2018-5492 | NetApp E-Series SANtricity OS Controller Software 安全漏洞 — E-Series SANtricity OS Controller Software | 9.8 | - | 2018-10-04 |
| CVE-2018-5490 | NetApp Clustered Data ONTAP 安全漏洞 — Clustered Data ONTAP | 8.8 | - | 2018-08-03 |
| CVE-2018-5489 | NetApp 7-Mode Transition Tool 安全漏洞 — 7-Mode Transition Tool | 6.5 | - | 2018-08-03 |
| CVE-2017-7568 | NetApp OnCommand Unified Manager for 7-Mode(core package)安全漏洞 — OnCommand Unified Manager for 7-Mode (core package) | 5.3 | - | 2018-06-22 |
| CVE-2018-5488 | NetApp SANtricity Web Services Proxy和SANtricity Storage Manager 安全漏洞 — SANtricity Products | 9.8 | - | 2018-06-13 |
| CVE-2018-5487 | NetApp OnCommand Unified Manager for Linux 安全漏洞 — OnCommand Unified Manager for Linux | 9.8 | - | 2018-05-24 |
| CVE-2018-5485 | NetApp OnCommand Unified Manager for Windows 权限许可和访问控制问题漏洞 — OnCommand Unified Manager for Windows | 7.8 | - | 2018-05-24 |
| CVE-2018-5486 | NetApp OnCommand Unified Manager for Linux 安全漏洞 — OnCommand Unified Manager for Linux | 7.8 | - | 2018-04-25 |
This page lists every published CVE security advisory associated with NetApp. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.