NetApp Products Multiple Vulnerabilities
Release Date:
30 May 2023
4446
Views
RISK: Medium Risk
TYPE: Servers - Other Servers
Multiple vulnerabilities were identified in NetApp Products. A remote attacker could exploit some of these vulnerabilities to trigger denial of service condition, sensitive information disclosure and data manipulation on the targeted system.
Impact
- Denial of Service
- Information Disclosure
- Data Manipulation
System / Technologies affected
- Active IQ Unified Manager for Linux
- Active IQ Unified Manager for Microsoft Windows
- Active IQ Unified Manager for VMware vSphere
- Astra Trident
- E-Series SANtricity OS Controller Software 11.x
- E-Series SANtricity Unified Manager and Web Services Proxy
- NetApp BlueXP
- NetApp HCI Baseboard Management Controller (BMC) - H300S/H500S/H700S/H410S
- NetApp HCI Baseboard Management Controller (BMC) - H410C
Solutions
Before installation of the software, please visit the vendor web-site for more details.
Apply fixes issued by the vendor:
- https://security.netapp.com/advisory/ntap-20230517-0002/
- https://security.netapp.com/advisory/ntap-20230517-0006/
- https://security.netapp.com/advisory/ntap-20230525-0001/
- https://security.netapp.com/advisory/ntap-20230526-0001/
- https://security.netapp.com/advisory/ntap-20230526-0001/
- https://security.netapp.com/advisory/ntap-20230526-0002/
- https://security.netapp.com/advisory/ntap-20230526-0003/
- https://security.netapp.com/advisory/ntap-20230526-0004/
- https://security.netapp.com/advisory/ntap-20230526-0005/
- https://security.netapp.com/advisory/ntap-20230526-0006/
- https://security.netapp.com/advisory/ntap-20230526-0007/
- https://security.netapp.com/advisory/ntap-20230526-0008/
- https://security.netapp.com/advisory/ntap-20230526-0009/
- https://security.netapp.com/advisory/ntap-20230526-0010/
Vulnerability Identifier
- CVE-2020-24736
- CVE-2021-46880
- CVE-2022-4744
- CVE-2023-0210
- CVE-2023-0620
- CVE-2023-0665
- CVE-2023-1670
- CVE-2023-20862
- CVE-2023-24534
- CVE-2023-24536
- CVE-2023-25000
- CVE-2023-26048
- CVE-2023-26049
- CVE-2023-27311
- CVE-2023-28755
- CVE-2023-28756
- CVE-2023-29323
Source
Related Link
- https://security.netapp.com/advisory/ntap-20230517-0002/
- https://security.netapp.com/advisory/ntap-20230517-0006/
- https://security.netapp.com/advisory/ntap-20230525-0001/
- https://security.netapp.com/advisory/ntap-20230526-0001/
- https://security.netapp.com/advisory/ntap-20230526-0001/
- https://security.netapp.com/advisory/ntap-20230526-0002/
- https://security.netapp.com/advisory/ntap-20230526-0003/
- https://security.netapp.com/advisory/ntap-20230526-0004/
- https://security.netapp.com/advisory/ntap-20230526-0005/
- https://security.netapp.com/advisory/ntap-20230526-0006/
- https://security.netapp.com/advisory/ntap-20230526-0007/
- https://security.netapp.com/advisory/ntap-20230526-0008/
- https://security.netapp.com/advisory/ntap-20230526-0009/
- https://security.netapp.com/advisory/ntap-20230526-0010/
Share with