Information Disclosure Vulnerability in Clustered Data ONTAP by NetApp
CVE-2018-5497

4.4MEDIUM

Key Information:

Vendor: Netapp
Status: Clustered Data Ontap
Vendor: CVE Published:; 24 January 2019

What is CVE-2018-5497?

Clustered Data ONTAP versions earlier than 9.1P16, 9.3P10, and 9.4P5 contain a vulnerability that allows unauthorized users to access sensitive information. This issue could potentially lead to unauthorized data exposure and affect the overall security of the system. It is crucial for users to update to the specified versions or later to mitigate this risk and protect their sensitive data.

Affected Version(s)

Clustered Data ONTAP Versions prior to 9.1P16, 9.3P10 and 9.4P5

References

https://security.netapp.com/advisory/ntap-20190109-0001/

x_refsource_CONFIRM

CVSS V3.1

Score:

4.4

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jan 24, 2019
Vulnerability Reserved
Jan 12, 2018

Netapp

What is CVE-2018-5497?

Affected Version(s)

References

CVSS V3.1

Timeline