漏洞类别:General remote services
漏洞等级: 
漏洞信息
NetApp Data ONTAP is a data management software which allows unifying storage infrastructures across flash, disk and cloud.
NetApp Data ONTAP operating in 7-Mode allows unauthorized information disclosure or modification on volumes that have ".UTF-8" appended to the volume language.
Affected Versions:
NetApp Data ONTAP versions prior to 8.2.4, when operating in 7-Mode
QID Detection Logic:
This QID gets vulnerable version of NetApp ONTAP either via HTTP Banner or SNMP
NOTE:This vulnerability affects devices that are operating in 7-Mode and have ".UTF-8" appended to the volume language.
漏洞危害
An unauthenticated, remote attacker could exploit this vulnerability to retrieve sensitive information or modify volumes.
解决方案
Customers are advised to refer to NTAP-20151112-0001 for more information about patching this vulnerability.
Patch:
Following are links for downloading patches to fix the vulnerabilities:
0daybank
文章评论