Active IQ and AutoSupport Discussions

Highlighted

Security Vulnerability NTAP-20191031-0004 and others

hi all,

 

i have several ontap systems running version 9.6p5. they all report a high-risk security vulnerability in active iq.

the advisory reports that the vulnerability is "first fixed" in ontap 9.7:

https://security.netapp.com/advisory/ntap-20191031-0004/

 

however, it does not mention that the vulnerability might be fixed in a further patch release of the 9.6 train.

how do i find out if that is the case? i'd rather not update to 9.7 just now, but i'm interested in patching sec vuls...

 

thanks for any hints,

raoul.

3 REPLIES 3
Highlighted

Re: Security Vulnerability NTAP-20191031-0004 and others

It looks like 9.6 currently does not have that fix available in a P release. Please open a technical support case and ask for it. That will help drive this particular security issue getting into a P release.

Highlighted

Re: Security Vulnerability NTAP-20191031-0004 and others

Hi,

 

All Full Support releases should eventually have a fix.

https://mysupport.netapp.com/site/info/version-support

 

Additionally, you are welcome to open a support case to inquire on these matters. The case #  can then be added to the appropriate bug - in this case that bug id is 1277615.

Highlighted

Re: Security Vulnerability NTAP-20191031-0004 and others

hello,

 

thank you for the suggestion. i opened a case with netapp and should get a response by monday. i'll keep you posted.

 

cheers,

raoul.

Check out the KB!
NetApp Insights To Action
All Community Forums