Known Vulnerabilities for products from Seagate
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Seagate".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Additional devices specifications by Seagate can be found at device.report : Seagate
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2021-43429 | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 7.5 - HIGH | 2022-04-07 | 2022-04-15 |
| CVE-2020-6627 | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 9.8 - CRITICAL | 2022-12-06 | 2023-05-26 |
| CVE-2018-18471 | /api/2.0/rest/aggregator/xml in Axentra firmware, used by NETGEAR Stora, Seagate GoFlex Home, and MEDION LifeCloud, has an XX... | 9.8 - CRITICAL | 2019-06-19 | 2019-06-24 |
| CVE-2018-12304 | Cross-site scripting in Application Manager in Seagate NAS OS version 4.3.15.1 allows attackers to execute JavaScript via mul... | 6.1 - MEDIUM | 2019-05-13 | 2019-05-13 |
| CVE-2018-12303 | Cross-site scripting in filebrowser in Seagate NAS OS version 4.3.15.1 allows attackers to execute JavaScript via directory n... | 5.4 - MEDIUM | 2019-05-13 | 2019-05-13 |
| CVE-2018-12302 | Missing HTTPOnly flag on session cookies in the Seagate NAS OS version 4.3.15.1 web application allows attackers to steal ses... | 6.1 - MEDIUM | 2019-05-13 | 2019-05-13 |
| CVE-2018-12301 | Unvalidated URL in Download Manager in Seagate NAS OS version 4.3.15.1 allows attackers to access the loopback interface via ... | 7.5 - HIGH | 2019-05-13 | 2019-05-13 |
| CVE-2018-12300 | Arbitrary Redirect in echo-server.html in Seagate NAS OS version 4.3.15.1 allows attackers to disclose information in the Ref... | 6.1 - MEDIUM | 2019-05-13 | 2019-05-13 |
| CVE-2018-12299 | Cross-site scripting in filebrowser in Seagate NAS OS version 4.3.15.1 allows attackers to execute JavaScript via uploaded fi... | 5.4 - MEDIUM | 2019-05-13 | 2019-05-13 |
| CVE-2018-12298 | Directory Traversal in filebrowser in Seagate NAS OS 4.3.15.1 allows attackers to read files within the application's contain... | 7.5 - HIGH | 2019-05-13 | 2019-05-13 |
| CVE-2018-12297 | Cross-site scripting in API error pages in Seagate NAS OS version 4.3.15.1 allows attackers to execute JavaScript via URL pat... | 6.1 - MEDIUM | 2019-05-13 | 2019-05-13 |
| CVE-2018-12296 | Insufficient access control in /api/external/7.0/system.System.get_infos in Seagate NAS OS version 4.3.15.1 allows attackers ... | 7.5 - HIGH | 2019-05-13 | 2019-10-03 |
| CVE-2018-12295 | SQL injection in folderViewSpecific.psp in Seagate NAS OS version 4.3.15.1 allows attackers to execute arbitrary SQL commands... | 9.8 - CRITICAL | 2019-05-13 | 2019-05-13 |
| CVE-2018-5347 | Seagate Media Server in Seagate Personal Cloud has unauthenticated command injection in the uploadTelemetry and getLogs funct... | 9.8 - CRITICAL | 2018-01-12 | 2019-10-03 |
| CVE-2017-18263 | Seagate Media Server in Seagate Personal Cloud before 4.3.18.4 has directory traversal in getPhotoPlaylistPhotos.psp via a pa... | 7.5 - HIGH | 2018-04-28 | 2018-06-05 |
| CVE-2015-7269 | Seagate ST500LT015 hard disk drives, when operating in eDrive mode on Lenovo ThinkPad W541 laptops with BIOS 2.21, allow phys... | 4.2 - MEDIUM | 2017-11-27 | 2017-12-20 |
| CVE-2015-7268 | Samsung 850 Pro and PM851 solid-state drives and Seagate ST500LT015 and ST500LT025 hard disk drives, when used on Windows and... | 4.2 - MEDIUM | 2017-11-27 | 2017-12-20 |
| CVE-2015-7267 | Samsung 850 Pro and PM851 solid-state drives and Seagate ST500LT015 and ST500LT025 hard disk drives, when in sleep mode and o... | 4.2 - MEDIUM | 2017-11-27 | 2017-12-20 |
| CVE-2015-2876 | Unrestricted file upload vulnerability on Seagate GoFlex Satellite, Seagate Wireless Mobile Storage, Seagate Wireless Plus Mo... | 8.8 - HIGH | 2015-12-31 | 2015-12-31 |
| CVE-2015-2875 | Absolute path traversal vulnerability on Seagate GoFlex Satellite, Seagate Wireless Mobile Storage, Seagate Wireless Plus Mob... | 7.5 - HIGH | 2015-12-31 | 2015-12-31 |
Known software with vulnerabilities from Seagate
| Type | Vendor | Product | Version |
|---|---|---|---|
| Hardware | Seagate | Blackarmor Nas 220 | - |
| Operating System | Seagate | Blackarmor Nas 220 Firmware | sg2000-2000.1331 |
| Hardware | Seagate | Goflex Home | - |
| Hardware | Seagate | Goflex Sattelite | - |
| Application | Seagate | Maxtor Manager | 4.2.303 |
| Operating System | Seagate | Nas Os | 4.0.12.4 |
| Application | Seagate | Seagate Manager Installer | 2.1.600 |
| Hardware | Seagate | Wireless Mobile Storage | - |
| Hardware | Seagate | Wireless Plus Mobile Storage | - |