PT-2024-19143 · Netapp · Ontap Select Deploy Administration Utility

Published 2024-04-17 · Updated 2024-04-18 · CVE-2024-21990

CVSS v3.1: 9.8 Critical

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: ONTAP Select Deploy administration utility versions 9.12.1.x, 9.13.1.x and 9.14.1.x

Description: The issue is related to hard-coded credentials in the affected software, which could allow an attacker to view configuration information and modify account credentials.

Recommendations: For versions 9.12.1.x, consider removing or modifying the hard-coded credentials to prevent unauthorized access. For versions 9.13.1.x, restrict access to the Deploy configuration information until the hard-coded credentials are removed or modified. For versions 9.14.1.x, avoid using the default credentials and update them to unique, secure credentials to minimize the risk of exploitation.

Fix

Using Hardcoded Credentials

Weakness Enumeration

Related Identifiers

CVE-2024-21990

Affected Products

Ontap Select Deploy Administration Utility