Data Exposure Vulnerability in ONTAP Select Deploy Administration Utility by NetApp
CVE-2019-5505

9.8CRITICAL

Key Information:

Vendor
Netapp
Status
Ontap Select Deploy Administration Utility
Vendor
CVE Published:
24 September 2019

Summary

The ONTAP Select Deploy administration utility versions 2.2 to 2.12.1 is susceptible to a data exposure vulnerability whereby sensitive user credentials are transmitted in plaintext. This flaw could potentially allow unauthorized access to systems relying on this utility, raising significant security concerns for users of the affected versions. Implementing secure transmission protocols is crucial to mitigate the risk of credential theft.

Affected Version(s)

ONTAP Select Deploy administration utility Versions 2.2 through 2.12.1

References

https://security.netapp.com/advisory/ntap-20190923-0002/
x_refsource_MISC

CVSS V3.1

Score:
9.8
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
CVE-2019-5505 : Data Exposure Vulnerability in ONTAP Select Deploy Administration Utility by NetApp | SecurityVulnerability.io