Active IQ and AutoSupport Discussions

Security Vulnerability NTAP-20191031-0004 and others

Raoul_Schaffner
5,092 Views

hi all,

 

i have several ontap systems running version 9.6p5. they all report a high-risk security vulnerability in active iq.

the advisory reports that the vulnerability is "first fixed" in ontap 9.7:

https://security.netapp.com/advisory/ntap-20191031-0004/

 

however, it does not mention that the vulnerability might be fixed in a further patch release of the 9.6 train.

how do i find out if that is the case? i'd rather not update to 9.7 just now, but i'm interested in patching sec vuls...

 

thanks for any hints,

raoul.

1 ACCEPTED SOLUTION

kryan
5,063 Views

Hi,

 

All Full Support releases should eventually have a fix.

https://mysupport.netapp.com/site/info/version-support

 

Additionally, you are welcome to open a support case to inquire on these matters. The case #  can then be added to the appropriate bug - in this case that bug id is 1277615.

View solution in original post

4 REPLIES 4

bretta
5,064 Views

It looks like 9.6 currently does not have that fix available in a P release. Please open a technical support case and ask for it. That will help drive this particular security issue getting into a P release.

kryan
5,064 Views

Hi,

 

All Full Support releases should eventually have a fix.

https://mysupport.netapp.com/site/info/version-support

 

Additionally, you are welcome to open a support case to inquire on these matters. The case #  can then be added to the appropriate bug - in this case that bug id is 1277615.

Raoul_Schaffner
4,912 Views

hello,

 

thank you for the suggestion. i opened a case with netapp and should get a response by monday. i'll keep you posted.

 

cheers,

raoul.

Raoul_Schaffner
4,421 Views

meanwhile, we updated to 9.7p7.

case closed. 🙂

Public