Active IQ and AutoSupport Discussions

Security Vulnerability NTAP-20191031-0004 and others

Raoul_Schaffner

hi all,

 

i have several ontap systems running version 9.6p5. they all report a high-risk security vulnerability in active iq.

the advisory reports that the vulnerability is "first fixed" in ontap 9.7:

https://security.netapp.com/advisory/ntap-20191031-0004/

 

however, it does not mention that the vulnerability might be fixed in a further patch release of the 9.6 train.

how do i find out if that is the case? i'd rather not update to 9.7 just now, but i'm interested in patching sec vuls...

 

thanks for any hints,

raoul.

1 ACCEPTED SOLUTION

kryan

Hi,

 

All Full Support releases should eventually have a fix.

https://mysupport.netapp.com/site/info/version-support

 

Additionally, you are welcome to open a support case to inquire on these matters. The case #  can then be added to the appropriate bug - in this case that bug id is 1277615.

View solution in original post

4 REPLIES 4

bretta

It looks like 9.6 currently does not have that fix available in a P release. Please open a technical support case and ask for it. That will help drive this particular security issue getting into a P release.

kryan

Hi,

 

All Full Support releases should eventually have a fix.

https://mysupport.netapp.com/site/info/version-support

 

Additionally, you are welcome to open a support case to inquire on these matters. The case #  can then be added to the appropriate bug - in this case that bug id is 1277615.

View solution in original post

Raoul_Schaffner

hello,

 

thank you for the suggestion. i opened a case with netapp and should get a response by monday. i'll keep you posted.

 

cheers,

raoul.

meanwhile, we updated to 9.7p7.

case closed. 🙂

Announcements
NetApp on Discord Image

We're on Discord, are you?

Live Chat, Watch Parties, and More!

Explore Banner

Meet Explore, NetApp’s digital sales platform

Engage digitally throughout the sales process, from product discovery to configuration, and handle all your post-purchase needs.

NetApp Insights to Action
I2A Banner
Public