topic CVE-20122-38023 exposure for ONTAP in ONTAP Discussions https://community.netapp.com/t5/ONTAP-Discussions/CVE-20122-38023-exposure-for-ONTAP/m-p/446477#M42623 <P>Hi</P><P>we've currently non compliant version of ONTAP (9.8.1P18)</P><P>However, the operating system for our CIFS servers in AD is indicated as ONTAP and not Windows, how it's decribed in this KB - <A href="https://kb.netapp.com/onprem/ontap/da/NAS/NTLM_fails_despite_RequireSeal1_on_DCs_for_CVE-2022-38023" target="_blank">NTLM fails despite RequireSeal:1 on DCs for CVE-2022-38023 - NetApp Knowledge Base</A>)</P><P>&nbsp;</P><P>So I would like to understand if our environment is still impacted by the latest Windows patch or not?</P><P>&nbsp;</P><P>At the moment we can see a lot of connections in NTLMv2 on all the CIFS servers but one.</P><P>On that one server there is a problem of access by a Linux client via SMB since the 24th of July, but that is the only reported problem so far.</P><P>&nbsp;</P><P>So I'm just trying to understand if the SMB issue could be related to&nbsp;CVE-20122-38023 or is it just a coincidence.&nbsp;</P><P>&nbsp;</P><P>Don't want to loose time planning the ONTAP upgrade and then find out that it didn't help.</P><P>&nbsp;</P><P>Regards,</P><P>Alexey</P> Wed, 04 Jun 2025 09:46:22 GMT AlexeyF 2025-06-04T09:46:22Z CVE-20122-38023 exposure for ONTAP https://community.netapp.com/t5/ONTAP-Discussions/CVE-20122-38023-exposure-for-ONTAP/m-p/446477#M42623 <P>Hi</P><P>we've currently non compliant version of ONTAP (9.8.1P18)</P><P>However, the operating system for our CIFS servers in AD is indicated as ONTAP and not Windows, how it's decribed in this KB - <A href="https://kb.netapp.com/onprem/ontap/da/NAS/NTLM_fails_despite_RequireSeal1_on_DCs_for_CVE-2022-38023" target="_blank">NTLM fails despite RequireSeal:1 on DCs for CVE-2022-38023 - NetApp Knowledge Base</A>)</P><P>&nbsp;</P><P>So I would like to understand if our environment is still impacted by the latest Windows patch or not?</P><P>&nbsp;</P><P>At the moment we can see a lot of connections in NTLMv2 on all the CIFS servers but one.</P><P>On that one server there is a problem of access by a Linux client via SMB since the 24th of July, but that is the only reported problem so far.</P><P>&nbsp;</P><P>So I'm just trying to understand if the SMB issue could be related to&nbsp;CVE-20122-38023 or is it just a coincidence.&nbsp;</P><P>&nbsp;</P><P>Don't want to loose time planning the ONTAP upgrade and then find out that it didn't help.</P><P>&nbsp;</P><P>Regards,</P><P>Alexey</P> Wed, 04 Jun 2025 09:46:22 GMT https://community.netapp.com/t5/ONTAP-Discussions/CVE-20122-38023-exposure-for-ONTAP/m-p/446477#M42623 AlexeyF 2025-06-04T09:46:22Z