Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Privilege Escalation Vulnerability in ONTAP 9
Vulnerability Description
ONTAP 9 versions prior to 9.9.1P18, 9.10.1P16, 9.11.1P13, 9.12.1P10 and 9.13.1P4 are susceptible to a vulnerability which could allow an authenticated user with multiple remote accounts with differing roles to perform actions via REST API beyond their intended privilege. Possible actions include viewing limited configuration details and metrics or modifying limited settings, some of which could result in a Denial of Service (DoS).
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H
Vulnerability Type
特权管理不恰当
Vulnerability Title
NetApp ONTAP 安全漏洞
Vulnerability Description
NetApp ONTAP是美国网络器械(NetApp)公司的一款专有操作系统。用于存储磁盘阵列。 NetApp ONTAP 9.9.1P18、9.10.1P16、9.11.1P13、9.12.1P10 和 9.13.1P4 之前版本存在安全漏洞,该漏洞源于允许拥有多个具有不同角色的远程帐户的经过身份验证的用户通过 REST API 执行超出其权限的操作,包括查看有限的配置详细信息和指标或修改有限的设置,其中一些可能会导致拒绝服务。
CVSS Information
N/A
Vulnerability Type
N/A