CVE-2021-26988
Vulnerability from cvelistv5
Published
2021-03-04 20:44
Modified
2024-08-03 20:40
Severity ?
Summary
Clustered Data ONTAP versions prior to 9.3P21, 9.5P16, 9.6P12, 9.7P8 and 9.8 are susceptible to a vulnerability which could allow unauthorized tenant users to discover information related to converting a 7-Mode directory to Cluster-mode such as Storage Virtual Machine (SVM) names, volume names, directory paths and Job IDs.
References
security-alert@netapp.comhttps://security.netapp.com/advisory/NTAP-20210303-0001Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://security.netapp.com/advisory/NTAP-20210303-0001Patch, Vendor Advisory
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T20:40:47.057Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/NTAP-20210303-0001"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Clustered Data ONTAP",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "Prior to 9.3P21, 9.5P16, 9.6P12, 9.7P8 and 9.8"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Clustered Data ONTAP versions prior to 9.3P21, 9.5P16, 9.6P12, 9.7P8 and 9.8 are susceptible to a vulnerability which could allow unauthorized tenant users to discover information related to converting a 7-Mode directory to Cluster-mode such as Storage Virtual Machine (SVM) names, volume names, directory paths and Job IDs."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Information Disclosure",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-03-04T20:44:47",
        "orgId": "11fdca00-0482-4c88-a206-37f9c182c87d",
        "shortName": "netapp"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://security.netapp.com/advisory/NTAP-20210303-0001"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security-alert@netapp.com",
          "ID": "CVE-2021-26988",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Clustered Data ONTAP",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Prior to 9.3P21, 9.5P16, 9.6P12, 9.7P8 and 9.8"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Clustered Data ONTAP versions prior to 9.3P21, 9.5P16, 9.6P12, 9.7P8 and 9.8 are susceptible to a vulnerability which could allow unauthorized tenant users to discover information related to converting a 7-Mode directory to Cluster-mode such as Storage Virtual Machine (SVM) names, volume names, directory paths and Job IDs."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Information Disclosure"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://security.netapp.com/advisory/NTAP-20210303-0001",
              "refsource": "MISC",
              "url": "https://security.netapp.com/advisory/NTAP-20210303-0001"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "11fdca00-0482-4c88-a206-37f9c182c87d",
    "assignerShortName": "netapp",
    "cveId": "CVE-2021-26988",
    "datePublished": "2021-03-04T20:44:47",
    "dateReserved": "2021-02-09T00:00:00",
    "dateUpdated": "2024-08-03T20:40:47.057Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:netapp:data_ontap:9.3.0:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"BFEC5101-670D-4F01-A388-74272316EC86\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:netapp:data_ontap:9.3.0:p1:*:*:*:*:*:*\", \"matchCriteriaId\": \"C1BCD26C-1768-471E-B800-7778D68E0E9D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:netapp:data_ontap:9.3.0:p10:*:*:*:*:*:*\", \"matchCriteriaId\": \"6101ACF8-3D93-49EA-A603-DB32CA26BDA0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:netapp:data_ontap:9.3.0:p11:*:*:*:*:*:*\", \"matchCriteriaId\": \"C49F40F4-27DA-434E-8522-83C3D1A327C8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:netapp:data_ontap:9.3.0:p12:*:*:*:*:*:*\", \"matchCriteriaId\": \"36AD0CBC-2D46-48DA-A3F2-65BC9F56CAA3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:netapp:data_ontap:9.3.0:p13:*:*:*:*:*:*\", \"matchCriteriaId\": \"E785BFE7-5BE1-418F-9AD8-5FFE892BFB59\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:netapp:data_ontap:9.3.0:p14:*:*:*:*:*:*\", \"matchCriteriaId\": \"741A1EFA-3A52-4F91-92B3-31D4E5007026\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:netapp:data_ontap:9.3.0:p15:*:*:*:*:*:*\", \"matchCriteriaId\": \"6BE7A114-6F5A-43A8-8C12-7F92EC274D10\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:netapp:data_ontap:9.3.0:p16:*:*:*:*:*:*\", \"matchCriteriaId\": \"68DDF63E-B63B-4C13-AFFF-7A426F76121F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:netapp:data_ontap:9.3.0:p17:*:*:*:*:*:*\", \"matchCriteriaId\": \"5EE596FF-8EC9-4D14-A55B-763E769A8ACB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:netapp:data_ontap:9.3.0:p18:*:*:*:*:*:*\", \"matchCriteriaId\": \"F3E87F46-4265-4A30-B353-4AC8EF97E180\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:netapp:data_ontap:9.3.0:p19:*:*:*:*:*:*\", \"matchCriteriaId\": \"06B78F0B-8923-426A-A1EE-FDD1D1E44A99\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:netapp:data_ontap:9.3.0:p2:*:*:*:*:*:*\", \"matchCriteriaId\": \"D4B67B4E-A125-49BF-9AC2-1CF5F48CE738\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:netapp:data_ontap:9.3.0:p20:*:*:*:*:*:*\", \"matchCriteriaId\": \"290B8746-9651-4DC4-8683-B990F33781FD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:netapp:data_ontap:9.3.0:p3:*:*:*:*:*:*\", \"matchCriteriaId\": \"7DDC247F-1144-4E56-8DA6-C6EBB2EAC2E9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:netapp:data_ontap:9.3.0:p4:*:*:*:*:*:*\", \"matchCriteriaId\": \"9FFE9204-8E81-493E-9C01-F0E83257688D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:netapp:data_ontap:9.3.0:p5:*:*:*:*:*:*\", \"matchCriteriaId\": \"A25A4FF8-D296-4786-BA5E-A72EFFBD108A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:netapp:data_ontap:9.3.0:p6:*:*:*:*:*:*\", \"matchCriteriaId\": \"53EFE61D-6B27-4536-B153-979C0EB9F60D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:netapp:data_ontap:9.3.0:p7:*:*:*:*:*:*\", \"matchCriteriaId\": \"1C8D9CF7-38C2-4B9C-A0D9-4C06998FD877\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:netapp:data_ontap:9.3.0:p8:*:*:*:*:*:*\", \"matchCriteriaId\": \"50314453-FAF4-4936-8C54-4600E44C1F31\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:netapp:data_ontap:9.3.0:p9:*:*:*:*:*:*\", \"matchCriteriaId\": \"FB31C47F-A27A-4926-9EC7-10C4BF5B9E6D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:netapp:data_ontap:9.5.0:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"A17F6F98-A754-4BBA-9D86-4A0E5B6AAB94\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:netapp:data_ontap:9.5.0:p1:*:*:*:*:*:*\", \"matchCriteriaId\": \"42F29C47-17E9-47B7-AB5E-CABA24B2EAE5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:netapp:data_ontap:9.5.0:p10:*:*:*:*:*:*\", \"matchCriteriaId\": \"EBE59E7E-C281-4EC3-9717-AEA7C821AE1B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:netapp:data_ontap:9.5.0:p11:*:*:*:*:*:*\", \"matchCriteriaId\": \"4A7A126F-2A70-47A7-9324-27C51AD15F1A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:netapp:data_ontap:9.5.0:p12:*:*:*:*:*:*\", \"matchCriteriaId\": \"79F57E15-4244-4B0D-AFB5-BBEA9BC4B3F9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:netapp:data_ontap:9.5.0:p13:*:*:*:*:*:*\", \"matchCriteriaId\": \"0357B72E-E339-4B66-BF5E-5E4271C8266F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:netapp:data_ontap:9.5.0:p14:*:*:*:*:*:*\", \"matchCriteriaId\": \"AADF4256-0971-4A7B-8466-54DCE2E0C5FF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:netapp:data_ontap:9.5.0:p15:*:*:*:*:*:*\", \"matchCriteriaId\": \"6D1EB144-22E6-421E-B994-FA274525E939\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:netapp:data_ontap:9.5.0:p2:*:*:*:*:*:*\", \"matchCriteriaId\": \"84AA2BAD-4415-4F78-8902-BC8155642D74\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:netapp:data_ontap:9.5.0:p3:*:*:*:*:*:*\", \"matchCriteriaId\": \"35991FCD-795E-4575-8D82-4645F7974C06\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:netapp:data_ontap:9.5.0:p4:*:*:*:*:*:*\", \"matchCriteriaId\": \"6EB69541-55F8-42E7-98FD-340E377586BA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:netapp:data_ontap:9.5.0:p5:*:*:*:*:*:*\", \"matchCriteriaId\": \"E8063EC2-2A7F-4731-B963-FE9264812109\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:netapp:data_ontap:9.5.0:p6:*:*:*:*:*:*\", \"matchCriteriaId\": \"9820E003-B2FE-4F35-9A84-2AD57BE2A181\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:netapp:data_ontap:9.5.0:p7:*:*:*:*:*:*\", \"matchCriteriaId\": \"DB8CD422-4A61-4663-B612-7B3624F43F21\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:netapp:data_ontap:9.5.0:p8:*:*:*:*:*:*\", \"matchCriteriaId\": \"2E86F1D9-802D-41E7-8F6C-B84B8386C424\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:netapp:data_ontap:9.5.0:p9:*:*:*:*:*:*\", \"matchCriteriaId\": \"B4B67F1A-036C-4FB6-A0B8-23FF047039A0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:netapp:data_ontap:9.6.0:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"B7CBC17B-E704-4ED0-9039-B36DAB82DF71\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:netapp:data_ontap:9.6.0:p1:*:*:*:*:*:*\", \"matchCriteriaId\": \"B43376D4-F7DB-41D2-8B80-3CDA6CA46CF1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:netapp:data_ontap:9.6.0:p10:*:*:*:*:*:*\", \"matchCriteriaId\": \"65738ADA-7C9A-46BA-812D-FC8DDF4D7B16\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:netapp:data_ontap:9.6.0:p11:*:*:*:*:*:*\", \"matchCriteriaId\": \"387A9333-587B-48E5-A629-A8772EA17294\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:netapp:data_ontap:9.6.0:p2:*:*:*:*:*:*\", \"matchCriteriaId\": \"45C35A9A-3C9C-4F1F-8D0A-DB1FEFCE9B87\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:netapp:data_ontap:9.6.0:p3:*:*:*:*:*:*\", \"matchCriteriaId\": \"4E0A57F0-B7BE-4E68-89FA-F83A4FA3C1F5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:netapp:data_ontap:9.6.0:p4:*:*:*:*:*:*\", \"matchCriteriaId\": \"395B8C05-1E47-4A94-93B3-BE5ACD63C1C6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:netapp:data_ontap:9.6.0:p5:*:*:*:*:*:*\", \"matchCriteriaId\": \"35EE9C90-358F-486B-B01E-1EC4118F7188\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:netapp:data_ontap:9.6.0:p6:*:*:*:*:*:*\", \"matchCriteriaId\": \"56B2EA2E-0ACF-4C45-AB01-3668944DE752\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:netapp:data_ontap:9.6.0:p7:*:*:*:*:*:*\", \"matchCriteriaId\": \"9CA3D0E5-DA7D-4BF1-A148-1BC0CEE5A107\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:netapp:data_ontap:9.6.0:p8:*:*:*:*:*:*\", \"matchCriteriaId\": \"7FEBBBD6-E0C6-4CAB-8384-2C9B272824F4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:netapp:data_ontap:9.6.0:p9:*:*:*:*:*:*\", \"matchCriteriaId\": \"95137AE6-5CA2-439D-BE46-22106478FDD2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:netapp:data_ontap:9.7.0:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"C5726207-4774-4417-BC35-B77F79851579\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:netapp:data_ontap:9.7.0:p1:*:*:*:*:*:*\", \"matchCriteriaId\": \"E4EB0865-6ED4-4794-9E3B-24663708F502\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:netapp:data_ontap:9.7.0:p2:*:*:*:*:*:*\", \"matchCriteriaId\": \"6E69DC9C-D08C-4F31-B708-7253CB115B50\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:netapp:data_ontap:9.7.0:p3:*:*:*:*:*:*\", \"matchCriteriaId\": \"499EA5F0-C7E9-4C92-8831-B5B45B848EFA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:netapp:data_ontap:9.7.0:p4:*:*:*:*:*:*\", \"matchCriteriaId\": \"75A1717C-A1B8-46E8-9AD8-68C2E3A7A8B9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:netapp:data_ontap:9.7.0:p5:*:*:*:*:*:*\", \"matchCriteriaId\": \"EA76E433-1322-49B9-A823-51A317710671\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:netapp:data_ontap:9.7.0:p6:*:*:*:*:*:*\", \"matchCriteriaId\": \"B5AD0FE3-5C42-46A5-90CD-DB9CD0F4EA3E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:netapp:data_ontap:9.7.0:p7:*:*:*:*:*:*\", \"matchCriteriaId\": \"08FD58E1-D2DE-44CA-9579-0DBFDD9D8ECF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:netapp:data_ontap:9.8.0:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"3C4C4BDA-E02A-48C3-B1E7-EDC502783E7B\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Clustered Data ONTAP versions prior to 9.3P21, 9.5P16, 9.6P12, 9.7P8 and 9.8 are susceptible to a vulnerability which could allow unauthorized tenant users to discover information related to converting a 7-Mode directory to Cluster-mode such as Storage Virtual Machine (SVM) names, volume names, directory paths and Job IDs.\"}, {\"lang\": \"es\", \"value\": \"Clustered Data ONTAP versiones anteriores a 9.3P21, 9.5P16, 9.6P12, 9.7P8 y 9.8, son susceptibles a una vulnerabilidad que podr\\u00eda permitir a los usuarios invitados no autorizados detectar informaci\\u00f3n relacionada con la conversi\\u00f3n de un directorio 7-Mode a Cluster-mode, como Storage Virtual Machine (SVM), nombres de volumen, rutas de directorio y ID de trabajo\"}]",
      "id": "CVE-2021-26988",
      "lastModified": "2024-11-21T05:57:08.987",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N\", \"baseScore\": 3.5, \"baseSeverity\": \"LOW\", \"attackVector\": \"ADJACENT_NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"LOW\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 2.1, \"impactScore\": 1.4}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:A/AC:L/Au:S/C:P/I:N/A:N\", \"baseScore\": 2.7, \"accessVector\": \"ADJACENT_NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"SINGLE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"NONE\"}, \"baseSeverity\": \"LOW\", \"exploitabilityScore\": 5.1, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2021-03-04T21:15:13.947",
      "references": "[{\"url\": \"https://security.netapp.com/advisory/NTAP-20210303-0001\", \"source\": \"security-alert@netapp.com\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"https://security.netapp.com/advisory/NTAP-20210303-0001\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}]",
      "sourceIdentifier": "security-alert@netapp.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-862\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2021-26988\",\"sourceIdentifier\":\"security-alert@netapp.com\",\"published\":\"2021-03-04T21:15:13.947\",\"lastModified\":\"2024-11-21T05:57:08.987\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Clustered Data ONTAP versions prior to 9.3P21, 9.5P16, 9.6P12, 9.7P8 and 9.8 are susceptible to a vulnerability which could allow unauthorized tenant users to discover information related to converting a 7-Mode directory to Cluster-mode such as Storage Virtual Machine (SVM) names, volume names, directory paths and Job IDs.\"},{\"lang\":\"es\",\"value\":\"Clustered Data ONTAP versiones anteriores a 9.3P21, 9.5P16, 9.6P12, 9.7P8 y 9.8, son susceptibles a una vulnerabilidad que podr\u00eda permitir a los usuarios invitados no autorizados detectar informaci\u00f3n relacionada con la conversi\u00f3n de un directorio 7-Mode a Cluster-mode, como Storage Virtual Machine (SVM), nombres de volumen, rutas de directorio y ID de trabajo\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N\",\"baseScore\":3.5,\"baseSeverity\":\"LOW\",\"attackVector\":\"ADJACENT_NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.1,\"impactScore\":1.4}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:A/AC:L/Au:S/C:P/I:N/A:N\",\"baseScore\":2.7,\"accessVector\":\"ADJACENT_NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"SINGLE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"LOW\",\"exploitabilityScore\":5.1,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-862\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:data_ontap:9.3.0:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"BFEC5101-670D-4F01-A388-74272316EC86\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:data_ontap:9.3.0:p1:*:*:*:*:*:*\",\"matchCriteriaId\":\"C1BCD26C-1768-471E-B800-7778D68E0E9D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:data_ontap:9.3.0:p10:*:*:*:*:*:*\",\"matchCriteriaId\":\"6101ACF8-3D93-49EA-A603-DB32CA26BDA0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:data_ontap:9.3.0:p11:*:*:*:*:*:*\",\"matchCriteriaId\":\"C49F40F4-27DA-434E-8522-83C3D1A327C8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:data_ontap:9.3.0:p12:*:*:*:*:*:*\",\"matchCriteriaId\":\"36AD0CBC-2D46-48DA-A3F2-65BC9F56CAA3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:data_ontap:9.3.0:p13:*:*:*:*:*:*\",\"matchCriteriaId\":\"E785BFE7-5BE1-418F-9AD8-5FFE892BFB59\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:data_ontap:9.3.0:p14:*:*:*:*:*:*\",\"matchCriteriaId\":\"741A1EFA-3A52-4F91-92B3-31D4E5007026\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:data_ontap:9.3.0:p15:*:*:*:*:*:*\",\"matchCriteriaId\":\"6BE7A114-6F5A-43A8-8C12-7F92EC274D10\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:data_ontap:9.3.0:p16:*:*:*:*:*:*\",\"matchCriteriaId\":\"68DDF63E-B63B-4C13-AFFF-7A426F76121F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:data_ontap:9.3.0:p17:*:*:*:*:*:*\",\"matchCriteriaId\":\"5EE596FF-8EC9-4D14-A55B-763E769A8ACB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:data_ontap:9.3.0:p18:*:*:*:*:*:*\",\"matchCriteriaId\":\"F3E87F46-4265-4A30-B353-4AC8EF97E180\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:data_ontap:9.3.0:p19:*:*:*:*:*:*\",\"matchCriteriaId\":\"06B78F0B-8923-426A-A1EE-FDD1D1E44A99\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:data_ontap:9.3.0:p2:*:*:*:*:*:*\",\"matchCriteriaId\":\"D4B67B4E-A125-49BF-9AC2-1CF5F48CE738\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:data_ontap:9.3.0:p20:*:*:*:*:*:*\",\"matchCriteriaId\":\"290B8746-9651-4DC4-8683-B990F33781FD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:data_ontap:9.3.0:p3:*:*:*:*:*:*\",\"matchCriteriaId\":\"7DDC247F-1144-4E56-8DA6-C6EBB2EAC2E9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:data_ontap:9.3.0:p4:*:*:*:*:*:*\",\"matchCriteriaId\":\"9FFE9204-8E81-493E-9C01-F0E83257688D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:data_ontap:9.3.0:p5:*:*:*:*:*:*\",\"matchCriteriaId\":\"A25A4FF8-D296-4786-BA5E-A72EFFBD108A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:data_ontap:9.3.0:p6:*:*:*:*:*:*\",\"matchCriteriaId\":\"53EFE61D-6B27-4536-B153-979C0EB9F60D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:data_ontap:9.3.0:p7:*:*:*:*:*:*\",\"matchCriteriaId\":\"1C8D9CF7-38C2-4B9C-A0D9-4C06998FD877\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:data_ontap:9.3.0:p8:*:*:*:*:*:*\",\"matchCriteriaId\":\"50314453-FAF4-4936-8C54-4600E44C1F31\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:data_ontap:9.3.0:p9:*:*:*:*:*:*\",\"matchCriteriaId\":\"FB31C47F-A27A-4926-9EC7-10C4BF5B9E6D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:data_ontap:9.5.0:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"A17F6F98-A754-4BBA-9D86-4A0E5B6AAB94\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:data_ontap:9.5.0:p1:*:*:*:*:*:*\",\"matchCriteriaId\":\"42F29C47-17E9-47B7-AB5E-CABA24B2EAE5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:data_ontap:9.5.0:p10:*:*:*:*:*:*\",\"matchCriteriaId\":\"EBE59E7E-C281-4EC3-9717-AEA7C821AE1B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:data_ontap:9.5.0:p11:*:*:*:*:*:*\",\"matchCriteriaId\":\"4A7A126F-2A70-47A7-9324-27C51AD15F1A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:data_ontap:9.5.0:p12:*:*:*:*:*:*\",\"matchCriteriaId\":\"79F57E15-4244-4B0D-AFB5-BBEA9BC4B3F9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:data_ontap:9.5.0:p13:*:*:*:*:*:*\",\"matchCriteriaId\":\"0357B72E-E339-4B66-BF5E-5E4271C8266F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:data_ontap:9.5.0:p14:*:*:*:*:*:*\",\"matchCriteriaId\":\"AADF4256-0971-4A7B-8466-54DCE2E0C5FF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:data_ontap:9.5.0:p15:*:*:*:*:*:*\",\"matchCriteriaId\":\"6D1EB144-22E6-421E-B994-FA274525E939\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:data_ontap:9.5.0:p2:*:*:*:*:*:*\",\"matchCriteriaId\":\"84AA2BAD-4415-4F78-8902-BC8155642D74\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:data_ontap:9.5.0:p3:*:*:*:*:*:*\",\"matchCriteriaId\":\"35991FCD-795E-4575-8D82-4645F7974C06\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:data_ontap:9.5.0:p4:*:*:*:*:*:*\",\"matchCriteriaId\":\"6EB69541-55F8-42E7-98FD-340E377586BA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:data_ontap:9.5.0:p5:*:*:*:*:*:*\",\"matchCriteriaId\":\"E8063EC2-2A7F-4731-B963-FE9264812109\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:data_ontap:9.5.0:p6:*:*:*:*:*:*\",\"matchCriteriaId\":\"9820E003-B2FE-4F35-9A84-2AD57BE2A181\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:data_ontap:9.5.0:p7:*:*:*:*:*:*\",\"matchCriteriaId\":\"DB8CD422-4A61-4663-B612-7B3624F43F21\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:data_ontap:9.5.0:p8:*:*:*:*:*:*\",\"matchCriteriaId\":\"2E86F1D9-802D-41E7-8F6C-B84B8386C424\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:data_ontap:9.5.0:p9:*:*:*:*:*:*\",\"matchCriteriaId\":\"B4B67F1A-036C-4FB6-A0B8-23FF047039A0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:data_ontap:9.6.0:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"B7CBC17B-E704-4ED0-9039-B36DAB82DF71\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:data_ontap:9.6.0:p1:*:*:*:*:*:*\",\"matchCriteriaId\":\"B43376D4-F7DB-41D2-8B80-3CDA6CA46CF1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:data_ontap:9.6.0:p10:*:*:*:*:*:*\",\"matchCriteriaId\":\"65738ADA-7C9A-46BA-812D-FC8DDF4D7B16\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:data_ontap:9.6.0:p11:*:*:*:*:*:*\",\"matchCriteriaId\":\"387A9333-587B-48E5-A629-A8772EA17294\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:data_ontap:9.6.0:p2:*:*:*:*:*:*\",\"matchCriteriaId\":\"45C35A9A-3C9C-4F1F-8D0A-DB1FEFCE9B87\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:data_ontap:9.6.0:p3:*:*:*:*:*:*\",\"matchCriteriaId\":\"4E0A57F0-B7BE-4E68-89FA-F83A4FA3C1F5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:data_ontap:9.6.0:p4:*:*:*:*:*:*\",\"matchCriteriaId\":\"395B8C05-1E47-4A94-93B3-BE5ACD63C1C6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:data_ontap:9.6.0:p5:*:*:*:*:*:*\",\"matchCriteriaId\":\"35EE9C90-358F-486B-B01E-1EC4118F7188\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:data_ontap:9.6.0:p6:*:*:*:*:*:*\",\"matchCriteriaId\":\"56B2EA2E-0ACF-4C45-AB01-3668944DE752\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:data_ontap:9.6.0:p7:*:*:*:*:*:*\",\"matchCriteriaId\":\"9CA3D0E5-DA7D-4BF1-A148-1BC0CEE5A107\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:data_ontap:9.6.0:p8:*:*:*:*:*:*\",\"matchCriteriaId\":\"7FEBBBD6-E0C6-4CAB-8384-2C9B272824F4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:data_ontap:9.6.0:p9:*:*:*:*:*:*\",\"matchCriteriaId\":\"95137AE6-5CA2-439D-BE46-22106478FDD2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:data_ontap:9.7.0:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"C5726207-4774-4417-BC35-B77F79851579\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:data_ontap:9.7.0:p1:*:*:*:*:*:*\",\"matchCriteriaId\":\"E4EB0865-6ED4-4794-9E3B-24663708F502\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:data_ontap:9.7.0:p2:*:*:*:*:*:*\",\"matchCriteriaId\":\"6E69DC9C-D08C-4F31-B708-7253CB115B50\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:data_ontap:9.7.0:p3:*:*:*:*:*:*\",\"matchCriteriaId\":\"499EA5F0-C7E9-4C92-8831-B5B45B848EFA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:data_ontap:9.7.0:p4:*:*:*:*:*:*\",\"matchCriteriaId\":\"75A1717C-A1B8-46E8-9AD8-68C2E3A7A8B9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:data_ontap:9.7.0:p5:*:*:*:*:*:*\",\"matchCriteriaId\":\"EA76E433-1322-49B9-A823-51A317710671\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:data_ontap:9.7.0:p6:*:*:*:*:*:*\",\"matchCriteriaId\":\"B5AD0FE3-5C42-46A5-90CD-DB9CD0F4EA3E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:data_ontap:9.7.0:p7:*:*:*:*:*:*\",\"matchCriteriaId\":\"08FD58E1-D2DE-44CA-9579-0DBFDD9D8ECF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:data_ontap:9.8.0:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"3C4C4BDA-E02A-48C3-B1E7-EDC502783E7B\"}]}]}],\"references\":[{\"url\":\"https://security.netapp.com/advisory/NTAP-20210303-0001\",\"source\":\"security-alert@netapp.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/NTAP-20210303-0001\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.