Skip to main content

NetApp_Insight_2020.png 

NetApp Knowledgebase

Vulnerability Scanner indicates ONTAP NFS exports are insecurely set to allow Everyone access

Views:
1,054
Visibility:
Public
Votes:
1
Category:
data-ontap-8
Specialty:
core
Last Updated:

Applies to

  • ONTAP 9.2
  • ONTAP 9.6
  • ONTAP 9
  • ONTAP 9.5
  • ONTAP 9.3
  • ONTAP 9.4
  • ONTAP 9.1

Issue

The security scanner may indicate that all NFS exports shared from ONTAP are set to allow "Everyone" access with no restrictions.
 
You may see output similar to the following in the scanner results:
 
"RPC Mountd Allows Remote Anonymous File System Root Mount"
"Synopsis: The remote NFS server exports world-readable shares."

Description
The remote NFS server is exporting one or more shares without restricting access (based on hostname, IP, or IP range).

Solution
Place the appropriate restrictions on all NFS shares.
 
 
Plugin Output
The following shares have no access restrictions : 
 /

 

CUSTOMER EXCLUSIVE CONTENT

Registered NetApp customers get unlimited access to our dynamic Knowledge Base.

New authoritative content is published and updated each day by our team of experts.

Current Customer or Partner?

Sign In for unlimited access

New to NetApp?

Learn more about our award-winning Support