Solved: Re: Security Vulnerability NTAP-20191031-0004 and others

Raoul_Schaffner · ‎2020-06-02

hi all,

i have several ontap systems running version 9.6p5. they all report a high-risk security vulnerability in active iq.

the advisory reports that the vulnerability is "first fixed" in ontap 9.7:

https://security.netapp.com/advisory/ntap-20191031-0004/

however, it does not mention that the vulnerability might be fixed in a further patch release of the 9.6 train.

how do i find out if that is the case? i'd rather not update to 9.7 just now, but i'm interested in patching sec vuls...

thanks for any hints,

raoul.

kryan · ‎2020-06-02

Hi,

All Full Support releases should eventually have a fix.

https://mysupport.netapp.com/site/info/version-support

Additionally, you are welcome to open a support case to inquire on these matters. The case # can then be added to the appropriate bug - in this case that bug id is 1277615.

View solution in original post

bretta · ‎2020-06-02

It looks like 9.6 currently does not have that fix available in a P release. Please open a technical support case and ask for it. That will help drive this particular security issue getting into a P release.

kryan · ‎2020-06-02

Hi,

All Full Support releases should eventually have a fix.

https://mysupport.netapp.com/site/info/version-support

Additionally, you are welcome to open a support case to inquire on these matters. The case # can then be added to the appropriate bug - in this case that bug id is 1277615.

Raoul_Schaffner · ‎2020-06-05

hello,

thank you for the suggestion. i opened a case with netapp and should get a response by monday. i'll keep you posted.

cheers,

raoul.

Raoul_Schaffner · ‎2020-11-11

meanwhile, we updated to 9.7p7.

case closed. 🙂