ONTAP AV CONNECTOR installation includes Visual C++ 2010 Redistributable package 32-bit which is vulnerable to CVE-2010-3190
Applies to
- ONTAP 9
- ONTAP AV CONNECTOR 1.0.4.0
- Windows server 2016 Standard
- Windows server 2012 R2 Standard
Issue
When installing ONTAP AV CONNECTOR version 1.0.4.0, Microsoft Visual C++ 2010 x86 Redistributable package (10.0.30319) is also installed along with it which is vulnerable.