Denial of Service Vulnerability in Clustered Data ONTAP by NetApp
CVE-2021-26989

6.5MEDIUM

Key Information:

Vendor
Netapp
Status
Clustered Data Ontap
Vendor
CVE Published:
4 March 2021

Summary

Clustered Data ONTAP, an enterprise storage solution by NetApp, is vulnerable to a Denial of Service (DoS) attack when configured for SMB access. This flaw affects specific versions of the software, enabling a remote authenticated attacker to disrupt service availability. Organizations using impacted versions should prioritize updating to the latest secure releases to mitigate this risk.

Affected Version(s)

Clustered Data ONTAP Prior to 9.3P21, 9.5P16, 9.6P12, 9.7P9 and 9.8

References

https://security.netapp.com/advisory/NTAP-20210303-0002
x_refsource_MISC

CVSS V3.1

Score:
6.5
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
CVE-2021-26989 : Denial of Service Vulnerability in Clustered Data ONTAP by NetApp | SecurityVulnerability.io