Denial of Service Vulnerability in ONTAP 9
CVE-2023-27314

7.5HIGH

Key Information:

Vendor: Netapp
Status: Ontap 9
Vendor: CVE Published:; 12 October 2023

Summary

The identified vulnerability in NetApp's ONTAP product could enable a remote, unauthenticated attacker to exploit the HTTP service, potentially leading to a service crash. This poses significant risk as it can disrupt operations and availability of affected installations, necessitating immediate attention from system administrators to apply necessary patches and updates.

Affected Version(s)

ONTAP 9 0 < 9.8P19, 9.9.1P16, 9.10.1P12, 9.11.1P8, 9.12.1P2, 9.13.1

References

https://security.netapp.com/advisory/ntap-20231009-0001/

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Oct 12, 2023
Vulnerability Reserved
Feb 28, 2023