ONTAP versions 9.0 Improper Certificate Validation Vulnerability

Summary

ONTAP versions 9.0 suffers from improper certificate validation vulnerability

Credit:

The information has been provided by Vendor

The original article can be found at: https://security.netapp.com/advisory/ntap-20191009-0003/


Details

Clustered Data ONTAP versions 9.0 and higher do not enforce hostname verification under certain circumstances making them susceptible to impersonation via man-in-the-middle attacks.

Vulnerable Systems:

ONTAP versions 9.0 

CVE Information:

CVE-2019-5506

Disclosure Timeline:
Published Date:10/09/2019