Vulnerabilites related to NetApp - Data ONTAP operating in 7-Mode
cve-2019-5493
Vulnerability from cvelistv5
Published
2019-08-02 14:37
Modified
2024-08-04 19:54
Severity ?
EPSS score ?
Summary
Data ONTAP operating in 7-Mode versions prior to 8.2.5P3 are susceptible to a vulnerability which discloses information to an unauthenticated attacker. A successful attack requires that multiple non-default options be enabled.
References
| ▼ | URL | Tags |
|---|---|---|
| https://security.netapp.com/advisory/ntap-20190801-0002/ | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Netapp | Data ONTAP operating in 7-Mode |
Version: Below 8.2.5P3 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T19:54:53.494Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20190801-0002/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Data ONTAP operating in 7-Mode",
"vendor": "Netapp",
"versions": [
{
"status": "affected",
"version": "Below 8.2.5P3"
}
]
}
],
"datePublic": "2019-08-01T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Data ONTAP operating in 7-Mode versions prior to 8.2.5P3 are susceptible to a vulnerability which discloses information to an unauthenticated attacker. A successful attack requires that multiple non-default options be enabled."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information Disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-08-02T14:37:02",
"orgId": "11fdca00-0482-4c88-a206-37f9c182c87d",
"shortName": "netapp"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20190801-0002/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-alert@netapp.com",
"ID": "CVE-2019-5493",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Data ONTAP operating in 7-Mode",
"version": {
"version_data": [
{
"version_value": "Below 8.2.5P3"
}
]
}
}
]
},
"vendor_name": "Netapp"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Data ONTAP operating in 7-Mode versions prior to 8.2.5P3 are susceptible to a vulnerability which discloses information to an unauthenticated attacker. A successful attack requires that multiple non-default options be enabled."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://security.netapp.com/advisory/ntap-20190801-0002/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20190801-0002/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "11fdca00-0482-4c88-a206-37f9c182c87d",
"assignerShortName": "netapp",
"cveId": "CVE-2019-5493",
"datePublished": "2019-08-02T14:37:02",
"dateReserved": "2019-01-07T00:00:00",
"dateUpdated": "2024-08-04T19:54:53.494Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-5501
Vulnerability from cvelistv5
Published
2019-08-02 14:55
Modified
2024-08-04 20:01
Severity ?
EPSS score ?
Summary
Data ONTAP operating in 7-Mode versions prior to 8.2.5P3 may disclose sensitive LDAP account information to unauthenticated remote attackers.
References
| ▼ | URL | Tags |
|---|---|---|
| https://security.netapp.com/advisory/ntap-20190801-0001/ | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| NetApp | Data ONTAP operating in 7-Mode |
Version: Below 8.2.5P3 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T20:01:51.442Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20190801-0001/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Data ONTAP operating in 7-Mode",
"vendor": "NetApp",
"versions": [
{
"status": "affected",
"version": "Below 8.2.5P3"
}
]
}
],
"datePublic": "2019-08-01T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Data ONTAP operating in 7-Mode versions prior to 8.2.5P3 may disclose sensitive LDAP account information to unauthenticated remote attackers."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Sensitive Information Disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-08-02T14:55:38",
"orgId": "11fdca00-0482-4c88-a206-37f9c182c87d",
"shortName": "netapp"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20190801-0001/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-alert@netapp.com",
"ID": "CVE-2019-5501",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Data ONTAP operating in 7-Mode",
"version": {
"version_data": [
{
"version_value": "Below 8.2.5P3"
}
]
}
}
]
},
"vendor_name": "NetApp"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Data ONTAP operating in 7-Mode versions prior to 8.2.5P3 may disclose sensitive LDAP account information to unauthenticated remote attackers."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Sensitive Information Disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://security.netapp.com/advisory/ntap-20190801-0001/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20190801-0001/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "11fdca00-0482-4c88-a206-37f9c182c87d",
"assignerShortName": "netapp",
"cveId": "CVE-2019-5501",
"datePublished": "2019-08-02T14:55:38",
"dateReserved": "2019-01-07T00:00:00",
"dateUpdated": "2024-08-04T20:01:51.442Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2018-5496
Vulnerability from cvelistv5
Published
2018-12-04 20:00
Modified
2024-08-05 05:40
Severity ?
EPSS score ?
Summary
Data ONTAP operating in 7-Mode versions prior to 8.2.5P2 are susceptible to a vulnerability which discloses sensitive information to an unauthorized user.
References
| ▼ | URL | Tags |
|---|---|---|
| https://security.netapp.com/advisory/ntap-20181204-0001/ | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| NetApp | Data ONTAP operating in 7-Mode |
Version: Versions below 8.2.5P2 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T05:40:49.836Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20181204-0001/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Data ONTAP operating in 7-Mode",
"vendor": "NetApp",
"versions": [
{
"status": "affected",
"version": "Versions below 8.2.5P2"
}
]
}
],
"datePublic": "2018-12-04T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Data ONTAP operating in 7-Mode versions prior to 8.2.5P2 are susceptible to a vulnerability which discloses sensitive information to an unauthorized user."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information Disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-12-04T19:57:01",
"orgId": "11fdca00-0482-4c88-a206-37f9c182c87d",
"shortName": "netapp"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20181204-0001/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-alert@netapp.com",
"ID": "CVE-2018-5496",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Data ONTAP operating in 7-Mode",
"version": {
"version_data": [
{
"version_value": "Versions below 8.2.5P2"
}
]
}
}
]
},
"vendor_name": "NetApp"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Data ONTAP operating in 7-Mode versions prior to 8.2.5P2 are susceptible to a vulnerability which discloses sensitive information to an unauthorized user."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://security.netapp.com/advisory/ntap-20181204-0001/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20181204-0001/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "11fdca00-0482-4c88-a206-37f9c182c87d",
"assignerShortName": "netapp",
"cveId": "CVE-2018-5496",
"datePublished": "2018-12-04T20:00:00",
"dateReserved": "2018-01-12T00:00:00",
"dateUpdated": "2024-08-05T05:40:49.836Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
var-201903-0170
Vulnerability from variot
Certain versions between 2.x to 5.x (refer to advisory) of the NetApp Service Processor firmware were shipped with a default account enabled that could allow unauthorized arbitrary command execution. Any platform listed in the advisory Impact section may be affected and should be upgraded to a fixed version of Service Processor firmware IMMEDIATELY. NetApp Service Processor Firmware contains vulnerabilities related to authorization, permissions, and access control.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. NetAppServiceProcessor is a remote management device from NetApp Corporation of the United States. The product provides node remote management capabilities, including console redirection, logging and power control. An attacker could exploit this vulnerability to execute arbitrary commands. This issue affects the following products and versions: NetApp Service Processor versions 2.8, 3.7, 4.5, and 5.5 running on Clustered Data ONTAP 9.5, 9.4 and 9.3 NetApp Service Processor versions 2.5, 3.4, 3.4 patch1, 3.4 patch2, 4.2, 5.2, 4.2 patch1, 4.2 patch2, 5.2, and 5.2 patch1 running on Clustered Data ONTAP 9.2 NetApp Service Processor versions 2.4.1, 2.4.1 patch1, 3.3, 3.3 patch1, 3.3 patch2, 3.3 patch3, 3.3 patch4, 4.1,4.1 patch1, 4.1 patch2, 4.1 patch3, 4.1 patch4, 4.1 patch4, 4.1 patch5, 4.1 patch6, 5.1, 5.1 patch1, 5.1 patch2, and 5.1 patch3 running on Clustered Data ONTAP 9.1 NetApp Service Processor versions 2.4 and 3.2 running on Clustered Data ONTAP 9.0 NetApp Service Processor versions 2.3.2, 2.3.2 patch1, 2.3.2 patch2, 2.3.2 patch3, 3.1.2, 3.1.2 patch1, and 3.1.2 patch2 running on Clustered Data ONTAP 8.3 NetApp Service Processor versions 2.5, and 3.0.4 running on Clustered Data ONTAP 8.2
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201903-0170",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "service processor",
"scope": "eq",
"trust": 1.3,
"vendor": "netapp",
"version": "3.1.2"
},
{
"model": "service processor",
"scope": "eq",
"trust": 1.3,
"vendor": "netapp",
"version": "3.0.4"
},
{
"model": "service processor",
"scope": "eq",
"trust": 1.3,
"vendor": "netapp",
"version": "2.4.1"
},
{
"model": "service processor",
"scope": "eq",
"trust": 1.3,
"vendor": "netapp",
"version": "2.3.2"
},
{
"model": "service processor",
"scope": "eq",
"trust": 1.3,
"vendor": "netapp",
"version": "2.2.5"
},
{
"model": "service processor",
"scope": "eq",
"trust": 1.3,
"vendor": "netapp",
"version": "5.5"
},
{
"model": "service processor",
"scope": "eq",
"trust": 1.3,
"vendor": "netapp",
"version": "5.2"
},
{
"model": "service processor",
"scope": "eq",
"trust": 1.3,
"vendor": "netapp",
"version": "5.1"
},
{
"model": "service processor",
"scope": "eq",
"trust": 1.3,
"vendor": "netapp",
"version": "4.5"
},
{
"model": "service processor",
"scope": "eq",
"trust": 1.3,
"vendor": "netapp",
"version": "4.2"
},
{
"model": "service processor",
"scope": "eq",
"trust": 1.3,
"vendor": "netapp",
"version": "4.1"
},
{
"model": "service processor",
"scope": "eq",
"trust": 1.3,
"vendor": "netapp",
"version": "3.7"
},
{
"model": "service processor",
"scope": "eq",
"trust": 1.3,
"vendor": "netapp",
"version": "3.4"
},
{
"model": "service processor",
"scope": "eq",
"trust": 1.3,
"vendor": "netapp",
"version": "3.3"
},
{
"model": "service processor",
"scope": "eq",
"trust": 1.3,
"vendor": "netapp",
"version": "3.2"
},
{
"model": "service processor",
"scope": "eq",
"trust": 1.3,
"vendor": "netapp",
"version": "2.8"
},
{
"model": "service processor",
"scope": "eq",
"trust": 1.3,
"vendor": "netapp",
"version": "2.5"
},
{
"model": "service processor",
"scope": "eq",
"trust": 1.3,
"vendor": "netapp",
"version": "2.4"
},
{
"model": "service processor",
"scope": "eq",
"trust": 0.8,
"vendor": "netapp",
"version": "2.x to 5.x"
},
{
"model": "service processor",
"scope": "eq",
"trust": 0.6,
"vendor": "netapp",
"version": "5.*"
},
{
"model": "service processor",
"scope": "eq",
"trust": 0.6,
"vendor": "netapp",
"version": "4.*"
},
{
"model": "service processor",
"scope": "eq",
"trust": 0.6,
"vendor": "netapp",
"version": "3.*"
},
{
"model": "service processor",
"scope": "eq",
"trust": 0.6,
"vendor": "netapp",
"version": "2.*"
},
{
"model": "service processor patch2",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "3.1.2"
},
{
"model": "service processor patch1",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "3.1.2"
},
{
"model": "service processor patch1",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "2.4.1"
},
{
"model": "service processor patch3",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "2.3.2"
},
{
"model": "service processor patch2",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "2.3.2"
},
{
"model": "service processor patch1",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "2.3.2"
},
{
"model": "service processor patch1",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "5.2"
},
{
"model": "service processor patch3",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "5.1"
},
{
"model": "service processor patch2",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "5.1"
},
{
"model": "service processor patch1",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "5.1"
},
{
"model": "service processor patch2",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "4.2"
},
{
"model": "service processor patch1",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "4.2"
},
{
"model": "service processor patch6",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "4.1"
},
{
"model": "service processor patch5",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "4.1"
},
{
"model": "service processor patch4",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "4.1"
},
{
"model": "service processor patch3",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "4.1"
},
{
"model": "service processor patch2",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "4.1"
},
{
"model": "service processor patch1",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "4.1"
},
{
"model": "service processor patch2",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "3.4"
},
{
"model": "service processor patch1",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "3.4"
},
{
"model": "service processor patch4",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "3.3"
},
{
"model": "service processor patch3",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "3.3"
},
{
"model": "service processor patch2",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "3.3"
},
{
"model": "service processor patch1",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "3.3"
},
{
"model": "data ontap operating in 7-mode",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "0"
},
{
"model": "clustered data ontap",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "9.5"
},
{
"model": "clustered data ontap",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "9.4"
},
{
"model": "clustered data ontap",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "9.3"
},
{
"model": "clustered data ontap",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "9.2"
},
{
"model": "clustered data ontap",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "9.1"
},
{
"model": "clustered data ontap",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "9.0"
},
{
"model": "clustered data ontap",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "8.3"
},
{
"model": "clustered data ontap",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "8.2"
},
{
"model": "service processor patch1",
"scope": "ne",
"trust": 0.3,
"vendor": "netapp",
"version": "5.5"
},
{
"model": "service processor patch2",
"scope": "ne",
"trust": 0.3,
"vendor": "netapp",
"version": "5.2"
},
{
"model": "service processor patch4",
"scope": "ne",
"trust": 0.3,
"vendor": "netapp",
"version": "5.1"
},
{
"model": "service processor patch1",
"scope": "ne",
"trust": 0.3,
"vendor": "netapp",
"version": "4.5"
},
{
"model": "service processor patch3",
"scope": "ne",
"trust": 0.3,
"vendor": "netapp",
"version": "4.2"
},
{
"model": "service processor patch7",
"scope": "ne",
"trust": 0.3,
"vendor": "netapp",
"version": "4.1"
},
{
"model": "service processor patch1",
"scope": "ne",
"trust": 0.3,
"vendor": "netapp",
"version": "3.7"
},
{
"model": "service processor patch3",
"scope": "ne",
"trust": 0.3,
"vendor": "netapp",
"version": "3.4"
},
{
"model": "service processor patch5",
"scope": "ne",
"trust": 0.3,
"vendor": "netapp",
"version": "3.3"
},
{
"model": "service processor patch1",
"scope": "ne",
"trust": 0.3,
"vendor": "netapp",
"version": "3.2"
},
{
"model": "service processor patch3",
"scope": "ne",
"trust": 0.3,
"vendor": "netapp",
"version": "3.1.2"
},
{
"model": "service processor patch1",
"scope": "ne",
"trust": 0.3,
"vendor": "netapp",
"version": "2.8"
},
{
"model": "service processor patch1",
"scope": "ne",
"trust": 0.3,
"vendor": "netapp",
"version": "2.5"
},
{
"model": "service processor patch2",
"scope": "ne",
"trust": 0.3,
"vendor": "netapp",
"version": "2.4.1"
},
{
"model": "service processor patch1",
"scope": "ne",
"trust": 0.3,
"vendor": "netapp",
"version": "2.4"
},
{
"model": "service processor patch4",
"scope": "ne",
"trust": 0.3,
"vendor": "netapp",
"version": "2.3.2"
},
{
"model": "service processor patch1",
"scope": "ne",
"trust": 0.3,
"vendor": "netapp",
"version": "2.2.5"
},
{
"model": "clustered data ontap 9.5p1",
"scope": "ne",
"trust": 0.3,
"vendor": "netapp",
"version": null
},
{
"model": "clustered data ontap 9.4p6",
"scope": "ne",
"trust": 0.3,
"vendor": "netapp",
"version": null
},
{
"model": "clustered data ontap 9.3p11",
"scope": "ne",
"trust": 0.3,
"vendor": "netapp",
"version": null
},
{
"model": "clustered data ontap 9.1p17",
"scope": "ne",
"trust": 0.3,
"vendor": "netapp",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-15079"
},
{
"db": "BID",
"id": "107896"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003213"
},
{
"db": "NVD",
"id": "CVE-2019-5490"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:netapp:service_processor:5.5:-:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:netapp:service_processor:4.5:-:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:netapp:service_processor:3.7:-:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:netapp:service_processor:2.8:-:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:netapp:clustered_data_ontap:9.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:netapp:service_processor:5.5:-:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:netapp:service_processor:4.5:-:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:netapp:service_processor:3.7:-:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:netapp:service_processor:2.8:-:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:netapp:clustered_data_ontap:9.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:netapp:service_processor:5.5:-:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:netapp:service_processor:4.5:-:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:netapp:service_processor:3.7:-:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:netapp:service_processor:2.8:-:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:netapp:clustered_data_ontap:9.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:netapp:service_processor:5.2:patch1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:netapp:service_processor:5.2:-:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:netapp:service_processor:4.2:patch2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:netapp:service_processor:4.2:patch1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:netapp:service_processor:2.5:-:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:netapp:service_processor:4.2:-:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:netapp:service_processor:3.4:patch2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:netapp:service_processor:3.4:patch1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:netapp:service_processor:3.4:-:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:netapp:clustered_data_ontap:9.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:netapp:service_processor:4.1:patch5:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:netapp:service_processor:4.1:patch4:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:netapp:service_processor:3.3:patch1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:netapp:service_processor:3.3:-:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:netapp:service_processor:5.1:-:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:netapp:service_processor:4.1:patch6:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:netapp:service_processor:3.3:patch4:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:netapp:service_processor:3.3:patch3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:netapp:service_processor:3.3:patch2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:netapp:service_processor:5.1:patch3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:netapp:service_processor:4.1:patch3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:netapp:service_processor:4.1:patch2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:netapp:service_processor:2.4.1:patch1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:netapp:service_processor:2.4.1:-:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:netapp:service_processor:5.1:patch2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:netapp:service_processor:5.1:patch1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:netapp:service_processor:4.1:patch1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:netapp:service_processor:4.1:-:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:netapp:clustered_data_ontap:9.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:netapp:service_processor:3.2:-:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:netapp:service_processor:2.4:-:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:netapp:clustered_data_ontap:9.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:netapp:service_processor:3.1.2:-:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:netapp:service_processor:2.3.2:patch3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:netapp:service_processor:3.1.2:patch2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:netapp:service_processor:3.1.2:patch1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:netapp:service_processor:2.3.2:patch2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:netapp:service_processor:2.3.2:patch1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:netapp:service_processor:2.3.2:-:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:netapp:clustered_data_ontap:8.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:netapp:service_processor:3.0.4:-:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:netapp:service_processor:2.2.5:-:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:netapp:clustered_data_ontap:8.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2019-5490"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The vendor reported this issue.",
"sources": [
{
"db": "BID",
"id": "107896"
}
],
"trust": 0.3
},
"cve": "CVE-2019-5490",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 10.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2019-5490",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CNVD-2019-15079",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2019-5490",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2019-5490",
"trust": 1.8,
"value": "CRITICAL"
},
{
"author": "CNVD",
"id": "CNVD-2019-15079",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201903-293",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULMON",
"id": "CVE-2019-5490",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-15079"
},
{
"db": "VULMON",
"id": "CVE-2019-5490"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003213"
},
{
"db": "NVD",
"id": "CVE-2019-5490"
},
{
"db": "CNNVD",
"id": "CNNVD-201903-293"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Certain versions between 2.x to 5.x (refer to advisory) of the NetApp Service Processor firmware were shipped with a default account enabled that could allow unauthorized arbitrary command execution. Any platform listed in the advisory Impact section may be affected and should be upgraded to a fixed version of Service Processor firmware IMMEDIATELY. NetApp Service Processor Firmware contains vulnerabilities related to authorization, permissions, and access control.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. NetAppServiceProcessor is a remote management device from NetApp Corporation of the United States. The product provides node remote management capabilities, including console redirection, logging and power control. An attacker could exploit this vulnerability to execute arbitrary commands. \nThis issue affects the following products and versions:\nNetApp Service Processor versions 2.8, 3.7, 4.5, and 5.5 running on Clustered Data ONTAP 9.5, 9.4 and 9.3\nNetApp Service Processor versions 2.5, 3.4, 3.4 patch1, 3.4 patch2, 4.2, 5.2, 4.2 patch1, 4.2 patch2, 5.2, and 5.2 patch1 running on Clustered Data ONTAP 9.2\nNetApp Service Processor versions 2.4.1, 2.4.1 patch1, 3.3, 3.3 patch1, 3.3 patch2, 3.3 patch3, 3.3 patch4, 4.1,4.1 patch1, 4.1 patch2, 4.1 patch3, 4.1 patch4, 4.1 patch4, 4.1 patch5, 4.1 patch6, 5.1, 5.1 patch1, 5.1 patch2, and 5.1 patch3 running on Clustered Data ONTAP 9.1\nNetApp Service Processor versions 2.4 and 3.2 running on Clustered Data ONTAP 9.0\nNetApp Service Processor versions 2.3.2, 2.3.2 patch1, 2.3.2 patch2, 2.3.2 patch3, 3.1.2, 3.1.2 patch1, and 3.1.2 patch2 running on Clustered Data ONTAP 8.3\nNetApp Service Processor versions 2.5, and 3.0.4 running on Clustered Data ONTAP 8.2",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-5490"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003213"
},
{
"db": "CNVD",
"id": "CNVD-2019-15079"
},
{
"db": "BID",
"id": "107896"
},
{
"db": "VULMON",
"id": "CVE-2019-5490"
}
],
"trust": 2.52
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-5490",
"trust": 3.4
},
{
"db": "LENOVO",
"id": "LEN-26771",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003213",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2019-15079",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201903-293",
"trust": 0.6
},
{
"db": "BID",
"id": "107896",
"trust": 0.3
},
{
"db": "VULMON",
"id": "CVE-2019-5490",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-15079"
},
{
"db": "VULMON",
"id": "CVE-2019-5490"
},
{
"db": "BID",
"id": "107896"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003213"
},
{
"db": "NVD",
"id": "CVE-2019-5490"
},
{
"db": "CNNVD",
"id": "CNNVD-201903-293"
}
]
},
"id": "VAR-201903-0170",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-15079"
}
],
"trust": 0.85113124
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-15079"
}
]
},
"last_update_date": "2023-12-18T13:13:30.448000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "NTAP-20190305-0001",
"trust": 0.8,
"url": "https://security.netapp.com/advisory/ntap-20190305-0001/"
},
{
"title": "Patch for NetAppServiceProcessor permission and access control issue vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/161977"
},
{
"title": "NetApp Service Processor Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=89923"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-15079"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003213"
},
{
"db": "CNNVD",
"id": "CNNVD-201903-293"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-1188",
"trust": 1.0
},
{
"problemtype": "CWE-264",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-003213"
},
{
"db": "NVD",
"id": "CVE-2019-5490"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "https://security.netapp.com/advisory/ntap-20190305-0001/"
},
{
"trust": 1.7,
"url": "http://support.lenovo.com/us/en/solutions/len-26771"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-5490"
},
{
"trust": 1.2,
"url": "https://vigilance.fr/vulnerability/netapp-data-ontap-code-execution-via-netapp-service-processor-privileged-account-28695"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-5490"
},
{
"trust": 0.3,
"url": "http://www.netapp.com/us/"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/1188.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-15079"
},
{
"db": "VULMON",
"id": "CVE-2019-5490"
},
{
"db": "BID",
"id": "107896"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003213"
},
{
"db": "NVD",
"id": "CVE-2019-5490"
},
{
"db": "CNNVD",
"id": "CNNVD-201903-293"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2019-15079"
},
{
"db": "VULMON",
"id": "CVE-2019-5490"
},
{
"db": "BID",
"id": "107896"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003213"
},
{
"db": "NVD",
"id": "CVE-2019-5490"
},
{
"db": "CNNVD",
"id": "CNNVD-201903-293"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-05-22T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-15079"
},
{
"date": "2019-03-21T00:00:00",
"db": "VULMON",
"id": "CVE-2019-5490"
},
{
"date": "2019-03-05T00:00:00",
"db": "BID",
"id": "107896"
},
{
"date": "2019-05-13T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-003213"
},
{
"date": "2019-03-21T19:29:00.580000",
"db": "NVD",
"id": "CVE-2019-5490"
},
{
"date": "2019-03-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201903-293"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-05-22T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-15079"
},
{
"date": "2020-08-24T00:00:00",
"db": "VULMON",
"id": "CVE-2019-5490"
},
{
"date": "2019-03-05T00:00:00",
"db": "BID",
"id": "107896"
},
{
"date": "2019-05-13T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-003213"
},
{
"date": "2020-08-24T17:37:01.140000",
"db": "NVD",
"id": "CVE-2019-5490"
},
{
"date": "2020-08-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201903-293"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201903-293"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "NetApp Service Processor Firmware vulnerabilities related to authorization, authority, and access control",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-003213"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "permissions and access control issues",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201903-293"
}
],
"trust": 0.6
}
}