NetApp Products Multiple Vulnerabilities
Release Date:
5 Jul 2021
4717
Views
RISK: Medium Risk
TYPE: Servers - Other Servers
Multiple vulnerabilities were identified in NetApp Products, a remote attacker could exploit some of these vulnerabilities to trigger denial of service condition, sensitive information disclosure and data manipulation on the targeted system.
Impact
- Denial of Service
- Information Disclosure
- Data Manipulation
System / Technologies affected
- E-Series BIOS
- FAS/AFF BIOS
- NetApp HCI Compute Node BIOS
- NetApp HCI Storage Node BIOS
- NetApp SolidFire BIOS
- NetApp SolidFire & HCI Management Node
- E-Series SANtricity OS Controller Baseboard Management Controller (BMC) - EF600A
- FAS/AFF Baseboard Management Controller (BMC) - A250/500f
Solutions
Before installation of the software, please visit the vendor web-site for more details.
- Apply fixes issued by the vendor. For detail, please refer to the link below:
https://security.netapp.com/advisory/ntap-20210702-0002/
https://security.netapp.com/advisory/ntap-20210702-0005/
https://security.netapp.com/advisory/ntap-20210702-0006/
Vulnerability Identifier
- CVE-2020-8670
- CVE-2020-8700
- CVE-2020-12357
- CVE-2020-12358
- CVE-2020-12359
- CVE-2020-12360
- CVE-2020-24486
- CVE-2020-25668
- CVE-2020-25669
Source
Related Link
Share with