NetApp Products Multiple Vulnerabilities
Release Date:
6 Jun 2022
5674
Views
RISK: Medium Risk
TYPE: Servers - Other Servers
Multiple vulnerabilities were identified in NetApp Products. A remote attacker could exploit some of these vulnerabilities to trigger denial of service condition, sensitive information disclosure and data manipulation on the targeted system.
Impact
- Denial of Service
- Information Disclosure
- Data Manipulation
System / Technologies affected
- AFF Baseboard Management Controller (BMC) - A700s
- Active IQ Unified Manager for VMware vSphere
- Clustered Data ONTAP
- Clustered Data ONTAP Antivirus Connector
- FAS/AFF Baseboard Management Controller (BMC) - 8300/8700/A400
- FAS/AFF Baseboard Management Controller (BMC) - A250/500f
- NetApp HCI Baseboard Management Controller (BMC) - H300S/H500S/H700S/H300E/H500E/H700E/H410S
- NetApp HCI Baseboard Management Controller (BMC) - H410C
- NetApp HCI Compute Node (Bootstrap OS)
- NetApp SANtricity SMI-S Provider
- NetApp SMI-S Provider
- NetApp SolidFire & HCI Management Node
- NetApp SolidFire, Enterprise SDS & HCI Storage Node (Element Software)
- SnapManager for Hyper-V
Solutions
- Please refer to the vendor web-site for update on patches release.
- Software fixes will be made available through the NetApp Support website in the Software Download section.
https://mysupport.netapp.com/site/downloads/
- Software fixes will be made available through the NetApp Support website in the Software Download section.
Vulnerability Identifier
- CVE-2021-4157
- CVE-2021-4197
- CVE-2022-0435
- CVE-2022-1292
- CVE-2022-1343
- CVE-2022-1434
- CVE-2022-1473
- CVE-2022-29156
Source
Related Link
Share with