SolidFire and HCI

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

SolidFire and HCI

Ask a Question

HCI IPMI Weak MAC Algorithms

chinchillaking
‎2021-07-07 02:08 AM
2,531 Views

Hello,

 

Nessus scan discover CVE-2008-5161 HCI IPMI Weak MAC Algorithms as below, I cannot found below solution from google or NetApp support portal, anyone advise?

 

71049 - SSH Weak MAC Algorithms Enabled
Synopsis
The remote SSH server is configured to allow MD5 and 96-bit MAC algorithms.
Description
The remote SSH server is configured to allow either MD5 or 96-bit MAC algorithms, both of which are
considered weak.
Note that this plugin only checks for the options of the SSH server, and it does not check for vulnerable software
versions.
Solution
Contact the vendor or consult product documentation to disable MD5 and 96-bit MAC algorithms.
Risk Factor
Low

 

 

Best regards,

 

Chung

0 Kudos
Tags (1)
1 ACCEPTED SOLUTION

pedro_rocha
‎2021-07-07 07:25 AM
2,493 Views

Hello,

 

I found this bug: https://mysupport.netapp.com/NOW/cgi-bin/bol?Type=Detail&Display=424122

 

From there:

 

" Certain versions of security scanners might report one or more of the CVEs
listed in the Notes section as vulnerabilities present in the product.
NetApp has assessed the product and determined that it is vulnerable but
that an attack attempt has a low probability of success. Each failure will
cause a connection termination with a fatal error and an attacker would be
required to launch thousands of connection-killing attempts before achieving
a successful result.

This CVE has a CVSS v2 Base Score of 2.6 (LOW) (AV:N/AC:H/Au:N/C:P/I:N/A:N)."

 

There is not workaround and the bug is related to 7-mode systems (which I do not know if it is your case).

 

Regards,

Pedro

View solution in original post

3 REPLIES 3

pedro_rocha
‎2021-07-07 07:25 AM
2,494 Views

Hello,

 

I found this bug: https://mysupport.netapp.com/NOW/cgi-bin/bol?Type=Detail&Display=424122

 

From there:

 

" Certain versions of security scanners might report one or more of the CVEs
listed in the Notes section as vulnerabilities present in the product.
NetApp has assessed the product and determined that it is vulnerable but
that an attack attempt has a low probability of success. Each failure will
cause a connection termination with a fatal error and an attacker would be
required to launch thousands of connection-killing attempts before achieving
a successful result.

This CVE has a CVSS v2 Base Score of 2.6 (LOW) (AV:N/AC:H/Au:N/C:P/I:N/A:N)."

 

There is not workaround and the bug is related to 7-mode systems (which I do not know if it is your case).

 

Regards,

Pedro

ddansf
NetApp
‎2021-07-07 08:39 AM
2,481 Views

Please open a support case with the details and support can investigate current state for you.

0 Kudos

kryan
NetApp
‎2021-07-20 12:24 PM
2,290 Views

Please post the support case # when it is available.

0 Kudos
All Community Forums
Public