mickmick.net

NetApp Products Multiple Vulnerabilities

Release Date: 9 Sep 2024

RISK: Medium Risk

TYPE: Servers - Other Servers

Multiple vulnerabilities were identified in NetApp Products. A remote attacker could exploit some of these vulnerabilities to trigger denial of service condition, sensitive information disclosure and data manipulation on the targeted system.

---

Impact

• Denial of Service
• Data Manipulation
• Information Disclosure

---

System / Technologies affected

• E-Series SANtricity OS Controller Software 11.x

---

Solutions

Before installation of the software, please visit the vendor web-site for more details.

Apply fixes issued by the vendor:

 

• https://security.netapp.com/advisory/ntap-20240905-0004/
• https://security.netapp.com/advisory/ntap-20240905-0005/
• https://security.netapp.com/advisory/ntap-20240905-0006/
• https://security.netapp.com/advisory/ntap-20240905-0009/
• https://security.netapp.com/advisory/ntap-20240905-0010/

---

Vulnerability Identifier

• CVE-2024-36904
• CVE-2024-36905
• CVE-2024-36916
• CVE-2024-36919
• CVE-2024-36929

---

Source

• NetApp

---

Related Link

• https://security.netapp.com/advisory/ntap-20240905-0004/
• https://security.netapp.com/advisory/ntap-20240905-0005/
• https://security.netapp.com/advisory/ntap-20240905-0006/
• https://security.netapp.com/advisory/ntap-20240905-0009/
• https://security.netapp.com/advisory/ntap-20240905-0010/