NetApp Products Multiple Vulnerabilities
Release Date:
3 Apr 2023
4751
Views
RISK: Medium Risk
TYPE: Servers - Other Servers
Multiple vulnerabilities were identified in NetApp Products. A remote attacker could exploit some of these vulnerabilities to trigger denial of service condition, sensitive information disclosure and data manipulation on the targeted system.
Impact
- Denial of Service
- Information Disclosure
- Data Manipulation
System / Technologies affected
- Astra Trident
- Management Services for Element Software and NetApp HCI
- NetApp HCI Baseboard Management Controller (BMC) - H300S/H500S/H700S/H410S
- NetApp HCI Baseboard Management Controller (BMC) - H410C
- ONTAP 9 (formerly Clustered Data ONTAP)
- ONTAP tools for VMware vSphere
- StorageGRID (formerly StorageGRID Webscale)
Solutions
Before installation of the software, please visit the vendor web-site for more details.
- Apply fixes issued by the vendor:
https://security.netapp.com/advisory/ntap-20230331-0001/
https://security.netapp.com/advisory/ntap-20230331-0002/
https://security.netapp.com/advisory/ntap-20230331-0002/
https://security.netapp.com/advisory/ntap-20230331-0003/
https://security.netapp.com/advisory/ntap-20230331-0004/
https://security.netapp.com/advisory/ntap-20230331-0005/
https://security.netapp.com/advisory/ntap-20230331-0006/
https://security.netapp.com/advisory/ntap-20230331-0007/
https://security.netapp.com/advisory/ntap-20230331-0008/
https://security.netapp.com/advisory/ntap-20230331-0009/
https://security.netapp.com/advisory/ntap-20230331-0010/
https://security.netapp.com/advisory/ntap-20230331-0011/
https://security.netapp.com/advisory/ntap-20230331-0012/
Vulnerability Identifier
- CVE-2021-20251
- CVE-2022-4645
- CVE-2022-36021
- CVE-2022-41723
- CVE-2022-41724
- CVE-2022-41725
- CVE-2023-0461
- CVE-2023-0567
- CVE-2023-0594
- CVE-2023-22995
- CVE-2023-23000
- CVE-2023-23003
- CVE-2023-24532
- CVE-2023-25155
- CVE-2023-28708
Source
Related Link
- https://security.netapp.com/advisory/ntap-20230331-0001/
- https://security.netapp.com/advisory/ntap-20230331-0002/
- https://security.netapp.com/advisory/ntap-20230331-0003/
- https://security.netapp.com/advisory/ntap-20230331-0004/
- https://security.netapp.com/advisory/ntap-20230331-0005/
- https://security.netapp.com/advisory/ntap-20230331-0006/
- https://security.netapp.com/advisory/ntap-20230331-0007/
- https://security.netapp.com/advisory/ntap-20230331-0008/
- https://security.netapp.com/advisory/ntap-20230331-0009/
- https://security.netapp.com/advisory/ntap-20230331-0010/
- https://security.netapp.com/advisory/ntap-20230331-0011/
- https://security.netapp.com/advisory/ntap-20230331-0012/
Share with