Skip to main content
NetApp Knowledge Base

Search

  • Filter results by:
    • View attachments
    Searching in
    About 14 results
    • https://kb.netapp.com/Legacy/AltaVault/AltaVault_reported_NFS_Utils_Xlog_Remote_Buffer_Overrun_Vulnerability
      Applies to AltaVault (AVA) Issue Altavault is reported to have NFS-Utils Xlog Remote Buffer Overrun Vulnerability (CVE-2003-0252)
    • https://kb.netapp.com/hybrid/StorageGRID/Protocols/Vulnerability_scanner_detects_OpenSSH_on_StorageGRID_system
      Applies to NetApp StorageGRID Issue Vulnerability scanner detects OpenSSH Improper Authorization on versions prior to 9.3p2.
    • https://kb.netapp.com/Cloud/Cloud_Volumes_ONTAP/Who_is_responsible_for_patching_and_remediation_of_vulnerabilities_of_ONTAP_resides_in_Azure
      Applies to Azure Cloud Volume ONTAP (CVO) Patching and Remediation of Vulnerabilities Answer NetApp evaluates known vulnerabilities against all full supported ONTAP releases and will patch those deeme...Applies to Azure Cloud Volume ONTAP (CVO) Patching and Remediation of Vulnerabilities Answer NetApp evaluates known vulnerabilities against all full supported ONTAP releases and will patch those deemed affected regardless of where the vulnerability exists in the software. Additional Information NetApp recommends to all of its customers that updating to the latest supported ONTAP release for a platform is a good security practice.
    • https://kb.netapp.com/hybrid/StorageGRID/Platforms/SSL_Self-Signed_Certificate_vulnerability_flagged_for_StorageGRID
      Applies to StorageGRID 11.6 StorageGRID storage appliance 18082 ports for S3 protocol Tenable Vulnerability Scanner SSL Self-Signed Certificate vulnerability SSL Certificate Cannot Be Trusted vulnerab...Applies to StorageGRID 11.6 StorageGRID storage appliance 18082 ports for S3 protocol Tenable Vulnerability Scanner SSL Self-Signed Certificate vulnerability SSL Certificate Cannot Be Trusted vulnerability Issue Tenable Plugin: 57582 The SSL certificate chain for this service ends in an unrecognized self-signed certificate.
    • https://kb.netapp.com/on-prem/Switches/Brocade-KBs/How_to_change__SSH_ciphers_or_MAC_algorithms_on_Brocade_FOS
      Deprecated SSH Cryptographic Settings
    • https://kb.netapp.com/on-prem/ontap/Ontap_OS/OS-KBs/ONTAP_OS_appears_vulnerable_to_Open_SSH_CBC_Cipher_Block_Chaining_attack
      Applies to ONTAP 9.x Data ONTAP 7-Mode 8.x ONTAP Select 9.x Issue Versions of OpenSSH below 4.71 are vulnerable to an exploit allowing attackers to extract arbitrary plain text from cipher text. 14-32...Applies to ONTAP 9.x Data ONTAP 7-Mode 8.x ONTAP Select 9.x Issue Versions of OpenSSH below 4.71 are vulnerable to an exploit allowing attackers to extract arbitrary plain text from cipher text. 14-32 bits of text are extractable although the odds of extracting a full 32 bits of data are extremely low. For related AIQUM error, see "SSH is using insecure ciphers" event is detected on Active IQ Unified Manager
    • https://kb.netapp.com/on-prem/ontap/Ontap_OS/OS-KBs/Which_version_of_Apache_is_included_in_ONTAP
      Applies to ONTAP 9 Answer The version of Apache HTTP server included in a particular ONTAP release can be located in the associated open source licensing information (NOTICE file). Additional Informat...Applies to ONTAP 9 Answer The version of Apache HTTP server included in a particular ONTAP release can be located in the associated open source licensing information (NOTICE file). Additional Information For specific CVE IDs refer to NetApp's Security Advisories for current, up-to-date, authorized and accurate information regarding Full Support products and versions.
    • https://kb.netapp.com/data-mgmt/OCI_Kbs/OnCommand_Insight_MySQL_upgrade_required_due_to_Security_Vulnerability
      Applies to OnCommand Insight (OCI) 7.3.x OnCommand Insight Data Warehouse (DWH) 7.3.x Microsoft Windows Server Red Hat Enterprise Linux Oracle Linux OpenSuSE CentOS Issue Output from a security scanne...Applies to OnCommand Insight (OCI) 7.3.x OnCommand Insight Data Warehouse (DWH) 7.3.x Microsoft Windows Server Red Hat Enterprise Linux Oracle Linux OpenSuSE CentOS Issue Output from a security scanner reads similar to the following: Vulnerability scan has found that mysql server running on the OCI DWH server is missing critical patches of Jan 2020. OnCommand Insight 7.3.9 build 76, service pack 7 Current version: MySQL 5.7.28
    • https://kb.netapp.com/hybrid/StorageGRID/Alerts/StorageGRID_IPMI_v2.0_Password_Hash_Disclosure_vulnerability_detected
      Applies to NetApp StorageGRID IPMI v2.0 Password Hash Disclosure vulnerability Issue Security scan detects the IPMI v2.0 Password Hash Disclosure vulnerability across the StorageGRID system.
    • https://kb.netapp.com/on-prem/ontap/ontap-select/Select-KBs/ONTAP_Select_VM_hardware_version_needs_to_be_upgraded_due_to_VMSA-2018-0004
      Site vulnerability scans report that VMware VM's running hardware version 7 or less have the following vulnerabilities: To remediate CVE-2017-5715 in the Guest OS the following VMware and third party ...Site vulnerability scans report that VMware VM's running hardware version 7 or less have the following vulnerabilities: To remediate CVE-2017-5715 in the Guest OS the following VMware and third party requirements must be met. • Deploy the updated version of vCenter Server listed in the table (if vCenter Server is used). • Deploy the ESXi patches and/or the new versions for Workstation or Fusion listed in the table.
    • https://kb.netapp.com/on-prem/Switches/Broadcom-KBs/How_to_review_security_vulnerabilities_for_Brocade_products
      Applies to Brocade Description Brocade publishes a list of latest common vulnerabilities and exposures (CVE) in their Brocade Security Advisories website, which may or may not be affecting their curre...Applies to Brocade Description Brocade publishes a list of latest common vulnerabilities and exposures (CVE) in their Brocade Security Advisories website, which may or may not be affecting their current line of products.