PT-2019-17714 · Netapp · Netapp Aff A700S Baseboard Management Controller (Bmc) Firmware

Published

2019-07-01

Updated

2020-08-24

CVE-2019-5497

CVSS v3.1

9.8

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions NetApp AFF A700s Baseboard Management Controller (BMC) firmware versions 1.22 and higher

Description The issue concerns a default account enabled in the firmware that could allow unauthorized arbitrary command execution.

Recommendations For NetApp AFF A700s Baseboard Management Controller (BMC) firmware versions 1.22 and higher, disable the default account to prevent unauthorized access.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-1188

Related Identifiers

CVE-2019-5497

Affected Products

Netapp Aff A700S Baseboard Management Controller (Bmc) Firmware

PT-2019-17714 · Netapp · Netapp Aff A700S Baseboard Management Controller (Bmc) Firmware

CVE-2019-5497

Weakness Enumeration

Related Identifiers

Affected Products

References · 4