NetApp 產品多個漏洞

影響

• 阻斷服務
• 資料洩露
• 篡改
• 權限提升
• 繞過保安限制
• 遠端執行程式碼

受影響之系統或技術

• AFF Baseboard Management Controller (BMC) - A700s
• Astra Trident
• FAS/AFF Baseboard Management Controller (BMC) - 8300/8700/A400/C400
• NetApp HCI Baseboard Management Controller (BMC) - H300S/H500S/H700S/H410S
• NetApp HCI Baseboard Management Controller (BMC) - H410C
• SnapCenter

解決方案

在安裝軟體之前，請先瀏覽供應商之網站，以獲得更多詳細資料。

安裝供應商提供的修補程式：

• https://security.netapp.com/advisory/ntap-20230511-0006/
• https://security.netapp.com/advisory/ntap-20230511-0009/
• https://security.netapp.com/advisory/ntap-20230511-0008/
• https://security.netapp.com/advisory/ntap-20230511-0005/
• https://security.netapp.com/advisory/ntap-20230511-0001/
• https://security.netapp.com/advisory/ntap-20230511-0011/
• https://security.netapp.com/advisory/ntap-20230511-0002/
• https://security.netapp.com/advisory/ntap-20230511-0003/
• https://security.netapp.com/advisory/ntap-20230511-0004/
• https://security.netapp.com/advisory/ntap-20230511-0010/

漏洞識別碼

• CVE-2022-3162
• CVE-2023-0179
• CVE-2023-1077
• CVE-2023-1096
• CVE-2023-1380
• CVE-2023-1544
• CVE-2023-1550
• CVE-2023-1579
• CVE-2023-1652
• CVE-2023-25930
• CVE-2023-26021
• CVE-2023-26022
• CVE-2023-27555
• CVE-2023-27559
• CVE-2023-29255
• CVE-2023-29257

資料來源

• NetApp

相關連結

• https://security.netapp.com/advisory/ntap-20230511-0006/
• https://security.netapp.com/advisory/ntap-20230511-0009/
• https://security.netapp.com/advisory/ntap-20230511-0008/
• https://security.netapp.com/advisory/ntap-20230511-0005/
• https://security.netapp.com/advisory/ntap-20230511-0001/
• https://security.netapp.com/advisory/ntap-20230511-0011/
• https://security.netapp.com/advisory/ntap-20230511-0002/
• https://security.netapp.com/advisory/ntap-20230511-0003/
• https://security.netapp.com/advisory/ntap-20230511-0004/
• https://security.netapp.com/advisory/ntap-20230511-0010/
• https://www.ibm.com/support/pages/node/6985691/