Skip to main content
NetApp Response to Russia-Ukraine Cyber Threat
In response to the recent rise in cyber threat due to the Russian-Ukraine crisis, NetApp is actively monitoring the global security intelligence and updating our cybersecurity measures. We follow U.S. Federal Government guidance and remain on high alert. Customers are encouraged to monitor the Cybersecurity and Infrastructure Security (CISA) website for new information as it develops and remain on high alert.
NetApp Knowledge Base

SMB1 detected as enabled on Data ONTAP 7-Mode controller where SMB1 has been disabled

Views:
1,768
Visibility:
Public
Votes:
1
Category:
data-ontap-8
Specialty:
cifs
Last Updated:

Applies to

Data ONTAP 8.2.5 7-Mode

Issue

Certain versions of security scanners might report that SMB Version 1 is enabled in Data ONTAP operating in 7-Mode even though it was disabled using the controls added in version 8.2.5.

For Qualsys, this is reported as QID 45261, as seen in the example below.
SMB Version 1 Enabled

QID: 45261
CVE ID: -
Vendor Reference: SMB v1
Bugtraq ID: -
Service Modified: 02/16/2018
User Modified: -
Edited: No
PCI Vuln: No


THREAT:
The Server Message Block (SMB) Protocol is a network file sharing protocol, and as implemented in Microsoft Windows, is known as Microsoft SMB Protocol.
The Windows host has SMBv1 protocol enabled for either:
Client or Server

IMPACT:
SMB protocols could allow a remote attacker to obtain sensitive information from the affected systems

SOLUTION:
Microsoft recommends users to update to the latest SMB versions and stop using SMBv1.
For more information, see Microsoft KB article 2696547

Workaround:
Customers may consider blocking all versions of SMB at the network boundary by blocking TCP port 445 with related protocols on UDP ports 137-138 and TCP port 139, for all boundary devices.

COMPLIANCE:
Not Applicable

EXPLOITABILITY:
There is no exploitability information for this vulnerability.

ASSOCIATED MALWARE:
There is no malware information for this vulnerability.

RESULTS:
QID: 45261 detected on port 445 over TCP.
SMBv1 is enabled.

 

Scan to view the article on your device
CUSTOMER EXCLUSIVE CONTENT

Registered NetApp customers get unlimited access to our dynamic Knowledge Base.

New authoritative content is published and updated each day by our team of experts.

Current Customer or Partner?

Sign In for unlimited access

New to NetApp?

Learn more about our award-winning Support