AFF

Security Warning - Service Processor Firmware upgrades required

AlexDawson

Hi Everyone!

 

We have today posted this article on our security site - https://security.netapp.com/advisory/ntap-20190305-0001/ alerting all customers to a newly discovered security issue with service processors inside ONTAP systems.

 

The affected models are FAS80x0, FAS8200, AFF A300, FAS22xx, FAS25xx, FAS26xx, AFF A200, FAS9000 and AFF A700.

 

In case of disagreement, the CVE doc is authoritative.

1 ACCEPTED SOLUTION

AlexDawson

Hi Adam,

 

I understand your concern and have requested that our security team work with NIST to ensure this content is corrected, however with a severity of 9.8, this is not a “watch and act” advisory -  you should move ahead with the SP upgrades ASAP.

View solution in original post

3 REPLIES 3

apjkellyuk

Alex,

 

Please can you ensure that the link to the CVE documentation is updated in your advisory as currently the link is not valid and we would like to fully review this prior to completing an upgrade.

 

Thanks

Adam

AlexDawson

Hi Adam,

 

I understand your concern and have requested that our security team work with NIST to ensure this content is corrected, however with a severity of 9.8, this is not a “watch and act” advisory -  you should move ahead with the SP upgrades ASAP.

View solution in original post

refsysadmin

We have a FAS255. Our service processor firmware version is 2.6. Our ONTAP version is NetApp Release 9.3P6.  I don't see a patch for 2.6. Does this mean we have to update ONTAP too?

 

Announcements
NetApp on Discord Image

We're on Discord, are you?

Live Chat, Watch Parties, and More!

Explore Banner

Meet Explore, NetApp’s digital sales platform

Engage digitally throughout the sales process, from product discovery to configuration, and handle all your post-purchase needs.

NetApp Insights to Action
I2A Banner
Public