Skip to main content
NetApp Knowledge Base

CVE-2021-3156 - Is NetApp SolidFire and HCI Management Node vulnerable?

Views:
71
Visibility:
Public
Votes:
0
Category:
sf-series
Specialty:
solidfire
Last Updated:

Applies to

  • NetApp Element software Management Node (mNode)
  • NetApp HCI Management Node (mNode)

Answer

Yes. The mNode is vulnerable to CVE-2021-3156 as SSH is enabled by default.

Additional Information

  • Fix will be included in Management Services release v2.18 (ETA April 2021)
  • Disable SSH manually: https:/<mNodeIP>:442/json-rpc/10.3?method=DisableSsh
  • Re-enable SSH: https://<mNodeIP>:442/json-rpc/10.3?method=EnableSsh