VulniPulse uses Google Ads measurement to understand visits from advertisements and campaign performance. It runs cookie-free until you choose — accepting enables cookies for more accurate attribution. Rejecting keeps it cookie-free and never limits the site.
Multiple NetApp products incorporate OpenSSL. OpenSSL versions 4.0, 3.6, 3.5, and 3.4 are susceptible to a vulnerability which when successfully exploited could lead to disclosure of sensitive information or addition or modification of data. Affected products: Active IQ Unified Manager for VMware vSphere, NetApp Console Agent Container (adc), NetApp Console Agent Container (cbs), NetApp Console Agent Container (cbs-backend), ONTAP Select Deploy administration utility. NetApp reports that one or more additional products remain under investigation; review the canonical advisory for current status. NetApp states there is no workaround available at this time.
What this means
In plain English
Certain OpenSSL releases incorporated into multiple NetApp products contain a vulnerability. If successfully exploited, it could disclose sensitive information or allow an attacker to add or modify data. The advisory does not specify the access or preconditions required for exploitation. NetApp also reports that additional products remain under investigation.
Recommended action
The vendor has not specified a fixed release or workaround. Follow the official NetApp advisory for status updates, including information about additional products under investigation.
Written by AI strictly from the parsed advisory data above — versions, scores and dates are never AI-generated. The vendor advisory is authoritative.
Discussion(0)
No comments yet. Share field notes, upgrade gotchas, or questions — verify against the vendor advisory before acting on community advice.
No affected-version range was extracted from the source record. The vendor advisory is authoritative — check it before change work.
Official advisory · medium-confidence parse· fetched 2 hours ago·verify at source
Fixed versions
No fixed release is recorded yet. That does not prove no patch exists — confirm against the vendor advisory.
Official advisory · medium-confidence parse· fetched 2 hours ago·verify at source
Mitigation
The vendor states no workaround or mitigation is currently available. Prioritize upgrading to a fixed release, and follow the official advisory for interim guidance.
Official advisory · medium-confidence parse· fetched 2 hours ago·verify at source
Official documentation
Canonical NetApp PSIRT advisories with affected products, status and remediation guidance.