PT-2020-9888 · Netapp · Netapp Fas 8300+2
Published
2020-02-26
·
Updated
2020-08-24
·
CVE-2019-17274
CVSS v3.1
7.8
High
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
NetApp FAS 8300/8700 and AFF A400 Baseboard Management Controller (BMC) firmware versions prior to 13.1P1
Description
The issue allows unauthorized arbitrary command execution via local access due to a default account being enabled.
Recommendations
For versions prior to 13.1P1, update the firmware to version 13.1P1 or later to resolve the issue.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Netapp Aff A400
Netapp Fas 8300
Netapp Fas 8700