The official site for Saudi CERT
NetApp Alert
2654
Warning Date
Severity Level
Warning Number
Target Sector
14 February, 2023
● High
2023-5453
All
NetApp has released security updates to address multiple vulnerabilities in the following products:
- NetApp HCI Baseboard Management Controller (BMC) - H300S/H500S/H700S/H410S
- NetApp HCI Baseboard Management Controller (BMC) - H410C
- Management Services for Element Software and NetApp HCI
- NetApp Manageability SDK
- ONTAP 9 (formerly Clustered Data ONTAP)
- OnCommand Workflow Automation
- Active IQ Unified Manager for Microsoft Windows
- Active IQ Unified Manager for VMware vSphere
- ONTAP Mediator
- ONTAP Select Deploy administration utility
- Active IQ Unified Manager for VMware vSphere
- Brocade SAN Navigator (SANnav)
- ONTAP tools for VMware vSphere
- FAS/AFF Baseboard Management Controller (BMC) - 8300/8700/A400
- AFF Baseboard Management Controller (BMC) - A700s
Attacker could exploit these vulnerabilities to achieve the following:
- Sensitive Information Disclosure
- Denial of Service (DoS)
- addition or modification of data
The CERT team encourages users to update the affected versions and review NetApp security advisory:
https://security.netapp.com/advisory/ntap-20230214-0003/
https://security.netapp.com/advisory/ntap-20230214-0005/
https://security.netapp.com/advisory/ntap-20230214-0004/
https://security.netapp.com/advisory/ntap-20230214-0010/
https://security.netapp.com/advisory/ntap-20230214-0009/
https://security.netapp.com/advisory/ntap-20230214-0007/
https://security.netapp.com/advisory/ntap-20230214-0001/
https://security.netapp.com/advisory/ntap-20230214-0008/
https://security.netapp.com/advisory/ntap-20230214-0002/
Rate the content
Share the page
