Data Exposure Vulnerability in ONTAP Select Deploy Administration Utility by NetApp
CVE-2019-5505

9.8CRITICAL

Key Information:

Vendor: Netapp
Status: Ontap Select Deploy Administration Utility
Vendor: CVE Published:; 24 September 2019

What is CVE-2019-5505?

The ONTAP Select Deploy administration utility versions 2.2 to 2.12.1 is susceptible to a data exposure vulnerability whereby sensitive user credentials are transmitted in plaintext. This flaw could potentially allow unauthorized access to systems relying on this utility, raising significant security concerns for users of the affected versions. Implementing secure transmission protocols is crucial to mitigate the risk of credential theft.

Affected Version(s)

ONTAP Select Deploy administration utility Versions 2.2 through 2.12.1

References

https://security.netapp.com/advisory/ntap-20190923-0002/

x_refsource_MISC

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 24, 2019
Vulnerability Reserved
Jan 7, 2019

Netapp

What is CVE-2019-5505?

Affected Version(s)

References

CVSS V3.1

Timeline