NetApp Products Multiple Vulnerabilities

Impact

• Denial of Service
• Information Disclosure
• Data Manipulation

System / Technologies affected

• Astra Trident
• Astra Trident Autosupport
• NetApp HCI Baseboard Management Controller (BMC) - H300S/H500S/H700S/H410S
• NetApp HCI Baseboard Management Controller (BMC) - H410C
• ONTAP 9 (formerly Clustered Data ONTAP)

Solutions

Before installation of the software, please visit the vendor web-site for more details.

Apply fixes issued by the vendor:

• https://security.netapp.com/advisory/ntap-20230517-0001/
• https://security.netapp.com/advisory/ntap-20230517-0002/
• https://security.netapp.com/advisory/ntap-20230517-0003/
• https://security.netapp.com/advisory/ntap-20230517-0004/
• https://security.netapp.com/advisory/ntap-20230517-0005/
• https://security.netapp.com/advisory/ntap-20230517-0006/
• https://security.netapp.com/advisory/ntap-20230517-0007/
• https://security.netapp.com/advisory/ntap-20230517-0008/
• https://security.netapp.com/advisory/ntap-20230517-0009/
• https://security.netapp.com/advisory/ntap-20230517-0010/

Vulnerability Identifier

• CVE-2021-46880
• CVE-2023-0210
• CVE-2023-0568
• CVE-2023-0662
• CVE-2023-0664
• CVE-2023-1838
• CVE-2023-2008
• CVE-2023-26463
• CVE-2023-28464
• CVE-2023-29013
• CVE-2023-29491

Source

• NetApp

Related Link

• https://security.netapp.com/advisory/ntap-20230517-0001/
• https://security.netapp.com/advisory/ntap-20230517-0002/
• https://security.netapp.com/advisory/ntap-20230517-0003/
• https://security.netapp.com/advisory/ntap-20230517-0004/
• https://security.netapp.com/advisory/ntap-20230517-0005/
• https://security.netapp.com/advisory/ntap-20230517-0006/
• https://security.netapp.com/advisory/ntap-20230517-0007/
• https://security.netapp.com/advisory/ntap-20230517-0008/
• https://security.netapp.com/advisory/ntap-20230517-0009/
• https://security.netapp.com/advisory/ntap-20230517-0010/