NetApp Community Update
This site will enter Read Only mode on July 23 as we prepare to move to a new platform. You will still be able to view content, but posting and replying will be temporarily disabled.
We're excited to launch our new Community experience on July 30 and more information will follow soon.
Stay connected during the transition - Join our Discord community today.

Active IQ and AutoSupport Discussions

Security Vulnerability NTAP-20191031-0004 and others

Raoul_Schaffner
6,031 Views

hi all,

 

i have several ontap systems running version 9.6p5. they all report a high-risk security vulnerability in active iq.

the advisory reports that the vulnerability is "first fixed" in ontap 9.7:

https://security.netapp.com/advisory/ntap-20191031-0004/

 

however, it does not mention that the vulnerability might be fixed in a further patch release of the 9.6 train.

how do i find out if that is the case? i'd rather not update to 9.7 just now, but i'm interested in patching sec vuls...

 

thanks for any hints,

raoul.

1 ACCEPTED SOLUTION

kryan
6,002 Views

Hi,

 

All Full Support releases should eventually have a fix.

https://mysupport.netapp.com/site/info/version-support

 

Additionally, you are welcome to open a support case to inquire on these matters. The case #  can then be added to the appropriate bug - in this case that bug id is 1277615.

View solution in original post

4 REPLIES 4

bretta
6,003 Views

It looks like 9.6 currently does not have that fix available in a P release. Please open a technical support case and ask for it. That will help drive this particular security issue getting into a P release.

kryan
6,003 Views

Hi,

 

All Full Support releases should eventually have a fix.

https://mysupport.netapp.com/site/info/version-support

 

Additionally, you are welcome to open a support case to inquire on these matters. The case #  can then be added to the appropriate bug - in this case that bug id is 1277615.

Raoul_Schaffner
5,851 Views

hello,

 

thank you for the suggestion. i opened a case with netapp and should get a response by monday. i'll keep you posted.

 

cheers,

raoul.

Raoul_Schaffner
5,360 Views

meanwhile, we updated to 9.7p7.

case closed. 🙂

Public