VulniPulse uses Google Ads measurement to understand visits from advertisements and campaign performance. It runs cookie-free until you choose — accepting enables cookies for more accurate attribution. Rejecting keeps it cookie-free and never limits the site.
Multiple NetApp products incorporate OpenSSL. OpenSSL versions 4.0, 3.6, 3.5, 3.4, and 3.0 are susceptible to a vulnerability which when successfully exploited could lead to disclosure of sensitive information. Successful exploitation of this vulnerability could lead to disclosure of sensitive information. Affected products: Active IQ Unified Manager for Linux, Active IQ Unified Manager for VMware vSphere, NetApp Console Agent Container (cbs), NetApp Console Agent Container (cbs-backend), ONTAP Select Deploy administration utility. NetApp reports that one or more additional products remain under investigation; review the canonical advisory for current status. NetApp states there is no workaround available at this time.
What this means
In plain English
The affected NetApp products incorporate OpenSSL versions that are susceptible to a vulnerability. If successfully exploited, the vulnerability could disclose sensitive information. The advisory does not specify the required access, preconditions, or exploitation method.
Recommended action
The vendor has not specified a fixed release or workaround and states that no workaround is available at this time. Follow the official advisory for current remediation status, including updates for products still under investigation.
Written by AI strictly from the parsed advisory data above — versions, scores and dates are never AI-generated. The vendor advisory is authoritative.
Discussion(0)
No comments yet. Share field notes, upgrade gotchas, or questions — verify against the vendor advisory before acting on community advice.
No affected-version range was extracted from the source record. The vendor advisory is authoritative — check it before change work.
Official advisory · medium-confidence parse· fetched 2 hours ago·verify at source
Fixed versions
No fixed release is recorded yet. That does not prove no patch exists — confirm against the vendor advisory.
Official advisory · medium-confidence parse· fetched 2 hours ago·verify at source
Mitigation
The vendor states no workaround or mitigation is currently available. Prioritize upgrading to a fixed release, and follow the official advisory for interim guidance.
Official advisory · medium-confidence parse· fetched 2 hours ago·verify at source
Official documentation
Canonical NetApp PSIRT advisories with affected products, status and remediation guidance.