Information Disclosure Vulnerability in Clustered Data ONTAP by NetApp
CVE-2018-5497

4.4MEDIUM

Key Information:

Vendor
Netapp
Status
Clustered Data Ontap
Vendor
CVE Published:
24 January 2019

Summary

Clustered Data ONTAP versions earlier than 9.1P16, 9.3P10, and 9.4P5 contain a vulnerability that allows unauthorized users to access sensitive information. This issue could potentially lead to unauthorized data exposure and affect the overall security of the system. It is crucial for users to update to the specified versions or later to mitigate this risk and protect their sensitive data.

Affected Version(s)

Clustered Data ONTAP Versions prior to 9.1P16, 9.3P10 and 9.4P5

References

https://security.netapp.com/advisory/ntap-20190109-0001/
x_refsource_CONFIRM

CVSS V3.1

Score:
4.4
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
High
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
CVE-2018-5497 : Information Disclosure Vulnerability in Clustered Data ONTAP by NetApp | SecurityVulnerability.io