Main Vulnerability Database Vulnerabilities #VU19954

Cryptographic issues in Data ONTAP operating in 7-Mode - CVE-2019-5502

Published: August 7, 2019

Vulnerability identifier: #VU19954

CSH Severity: Medium

CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green

CVE-ID: CVE-2019-5502

CWE-ID: CWE-310

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vendor: NetApp

Affected software:
Data ONTAP operating in 7-Mode

Detailed vulnerability description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to the weak cryptography in the SMB. A remote attacker can gain access to sensitive information and add or modify the data on the target system.

Successful exploitation of this vulnerability could potentially lead to information disclosure or addition or modification of data.

How to mitigate CVE-2019-5502

Install updates from vendor's website.

Sources

https://security.netapp.com/advisory/ntap-20190802-0002/

Cryptographic issues in Data ONTAP operating in 7-Mode - CVE-2019-5502

Detailed vulnerability description

How to mitigate CVE-2019-5502

Sources

Please verify you're human