AFF

Security Warning - Service Processor Firmware upgrades required

AlexDawson
2,872 Views

Hi Everyone!

 

We have today posted this article on our security site - https://security.netapp.com/advisory/ntap-20190305-0001/ alerting all customers to a newly discovered security issue with service processors inside ONTAP systems.

 

The affected models are FAS80x0, FAS8200, AFF A300, FAS22xx, FAS25xx, FAS26xx, AFF A200, FAS9000 and AFF A700.

 

In case of disagreement, the CVE doc is authoritative.

1 ACCEPTED SOLUTION

AlexDawson
2,814 Views

Hi Adam,

 

I understand your concern and have requested that our security team work with NIST to ensure this content is corrected, however with a severity of 9.8, this is not a “watch and act” advisory -  you should move ahead with the SP upgrades ASAP.

View solution in original post

3 REPLIES 3

apjkellyuk
2,832 Views

Alex,

 

Please can you ensure that the link to the CVE documentation is updated in your advisory as currently the link is not valid and we would like to fully review this prior to completing an upgrade.

 

Thanks

Adam

AlexDawson
2,815 Views

Hi Adam,

 

I understand your concern and have requested that our security team work with NIST to ensure this content is corrected, however with a severity of 9.8, this is not a “watch and act” advisory -  you should move ahead with the SP upgrades ASAP.

refsysadmin
2,696 Views

We have a FAS255. Our service processor firmware version is 2.6. Our ONTAP version is NetApp Release 9.3P6.  I don't see a patch for 2.6. Does this mean we have to update ONTAP too?

 

Public