https://community.netapp.com/t5/AFF/Security-Warning-Service-Processor-Firmware-upgrades-required/m-p/146942#M544 <P>Hi Adam,</P> <P>&nbsp;</P> <P>I understand your concern and have requested that our security team work with NIST to ensure this content is corrected, however with a severity of 9.8, this is not a “watch and act” advisory - &nbsp;you should move ahead with the SP upgrades ASAP.</P> Wed, 06 Mar 2019 10:10:16 GMT AlexDawson 2019-03-06T10:10:16Z https://community.netapp.com/t5/AFF/Security-Warning-Service-Processor-Firmware-upgrades-required/m-p/146938#M541 <P>Hi Everyone!</P> <P>&nbsp;</P> <P>We have today posted this article on our security site -&nbsp;<A href="https://security.netapp.com/advisory/ntap-20190305-0001/" target="_blank">https://security.netapp.com/advisory/ntap-20190305-0001/</A> alerting all customers to a newly discovered security issue with service processors inside ONTAP systems.</P> <P>&nbsp;</P> <P><SPAN>The affected models are FAS80x0, FAS8200, AFF A300, FAS22xx, FAS25xx, FAS26xx, AFF A200, FAS9000 and AFF A700.</SPAN></P> <P>&nbsp;</P> <P><SPAN>In case of disagreement, the CVE doc </SPAN><SPAN>is authoritative.</SPAN></P> Wed, 04 Jun 2025 12:46:12 GMT https://community.netapp.com/t5/AFF/Security-Warning-Service-Processor-Firmware-upgrades-required/m-p/146938#M541 AlexDawson 2025-06-04T12:46:12Z https://community.netapp.com/t5/AFF/Security-Warning-Service-Processor-Firmware-upgrades-required/m-p/146941#M543 <P>Alex,</P> <P>&nbsp;</P> <P>Please can you ensure that the link to the CVE documentation is updated in your advisory as currently the link is not valid and we would like to fully review this prior to completing an upgrade.</P> <P>&nbsp;</P> <P>Thanks</P> <P>Adam</P> Wed, 06 Mar 2019 09:12:46 GMT https://community.netapp.com/t5/AFF/Security-Warning-Service-Processor-Firmware-upgrades-required/m-p/146941#M543 apjkellyuk 2019-03-06T09:12:46Z https://community.netapp.com/t5/AFF/Security-Warning-Service-Processor-Firmware-upgrades-required/m-p/146942#M544 <P>Hi Adam,</P> <P>&nbsp;</P> <P>I understand your concern and have requested that our security team work with NIST to ensure this content is corrected, however with a severity of 9.8, this is not a “watch and act” advisory - &nbsp;you should move ahead with the SP upgrades ASAP.</P> Wed, 06 Mar 2019 10:10:16 GMT https://community.netapp.com/t5/AFF/Security-Warning-Service-Processor-Firmware-upgrades-required/m-p/146942#M544 AlexDawson 2019-03-06T10:10:16Z https://community.netapp.com/t5/AFF/Security-Warning-Service-Processor-Firmware-upgrades-required/m-p/147112#M549 <P>We have a <SPAN style="font-size: 12.000000pt; font-family: 'DejaVuSans';">FAS255. </SPAN>Our service processor firmware version is 2.6. Our ONTAP version is NetApp Release 9.3P6.&nbsp; I don't see a patch for 2.6. Does this mean we have to update ONTAP too?</P> <P>&nbsp;</P> Wed, 13 Mar 2019 15:35:51 GMT https://community.netapp.com/t5/AFF/Security-Warning-Service-Processor-Firmware-upgrades-required/m-p/147112#M549 refsysadmin 2019-03-13T15:35:51Z