topic Security Vulnerability NTAP-20191031-0004 and others in Active IQ and AutoSupport Discussions

Security Vulnerability NTAP-20191031-0004 and others

Raoul_Schaffner — Wed, 04 Jun 2025 11:07:19 GMT

hi all,

i have several ontap systems running version 9.6p5. they all report a high-risk security vulnerability in active iq.

the advisory reports that the vulnerability is "first fixed" in ontap 9.7:

https://security.netapp.com/advisory/ntap-20191031-0004/

however, it does not mention that the vulnerability might be fixed in a further patch release of the 9.6 train.

how do i find out if that is the case? i'd rather not update to 9.7 just now, but i'm interested in patching sec vuls...

thanks for any hints,

raoul.

Re: Security Vulnerability NTAP-20191031-0004 and others

bretta — Tue, 02 Jun 2020 14:19:35 GMT

It looks like 9.6 currently does not have that fix available in a P release. Please open a technical support case and ask for it. That will help drive this particular security issue getting into a P release.

Re: Security Vulnerability NTAP-20191031-0004 and others

kryan — Tue, 02 Jun 2020 14:27:24 GMT

Hi,

All Full Support releases should eventually have a fix.

https://mysupport.netapp.com/site/info/version-support

Additionally, you are welcome to open a support case to inquire on these matters. The case # can then be added to the appropriate bug - in this case that bug id is 1277615.

Re: Security Vulnerability NTAP-20191031-0004 and others

Raoul_Schaffner — Fri, 05 Jun 2020 11:44:36 GMT

hello,

thank you for the suggestion. i opened a case with netapp and should get a response by monday. i'll keep you posted.

cheers,

raoul.

Re: Security Vulnerability NTAP-20191031-0004 and others

Raoul_Schaffner — Wed, 11 Nov 2020 08:38:45 GMT

meanwhile, we updated to 9.7p7.

case closed. 🙂