We are having this same result from an internal Tenable system scan against our OnTap 9.6 version. We have opened a NetApp support ticket which returns us to the KB noted as well as the security advisory (https://security.netapp.com/advisory/ntap-20190910-0002/). We have initiated our internal security office to create a credentialed scan and run it but the results are the same (vulnerability found). NetApp support has stated the credentialed scan should work properly and show there is no vulnerability.
Has anyone encountered this same result and found a resolution?
Perhaps the credentialed scan is not configured properly and Tenable support is required?
Please disregard the reference to an advisory - this is not a vulnerability in ONTAP.
Configure the Nessus scanner to use SSH credentials to allow it to run a command to discover the target is ONTAP and not FreeBSD. As far as my testing has shown, if Nessus is unable to login via SSH it interprets the target OS from "ssh -vvv" output.