Remote Server Crash Vulnerability in Clustered Data ONTAP by NetApp
CVE-2021-27005

7.5HIGH

Key Information:

Vendor
Netapp
Status
Clustered Data Ontap
Vendor
CVE Published:
1 November 2021

Summary

A remote attacker can exploit a vulnerability in versions 9.6 and higher of NetApp's Clustered Data ONTAP, causing the httpd server to crash. This could lead to unavailability of the service and potential disruption for users relying on this infrastructure. Users should apply the necessary updates to secure their systems.

Affected Version(s)

Clustered Data ONTAP Clustered Data ONTAP versions 9.6 and higher prior to 9.6P16, 9.7P16, 9.8P7 and 9.9.1P3

References

https://security.netapp.com/advisory/NTAP-20211029-0002/
x_refsource_MISC

CVSS V3.1

Score:
7.5
Severity:
HIGH
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
CVE-2021-27005 : Remote Server Crash Vulnerability in Clustered Data ONTAP by NetApp | SecurityVulnerability.io