9 advisories tracked · NetApp Product Security Advisories (PSIRT) · direct feeds checked every minute; rate-limited backstops use a safe source cadence
Pick your product and enter the exact software release it runs. We match it against the affected/fixed versions in NetApp's recent advisories.
NetApp Product Security Advisories (PSIRT)
Polled through NetApp Product Security's official advisory API. It supplies the canonical NTAP advisory ID, NetApp-calculated CVSS, affected and investigating products, remediation releases, workarounds and revision dates without relying on a third-party keyword search.
Visit NetApp security advisoriesMultiple NetApp products incorporate OpenSSL. OpenSSL versions 4.0, 3.6, 3.5, 3.4, and 3.0 are susceptible to a vulnerability which when successfully exploited could lead to disclosure of sensitive information. Successful exploitation of this vulnerability could lead to disclosure of sensitive information. Affected products: FAS/AFF Baseboard Management Controller (BMC) - 8300/8700/A400/C400, NetApp Console Agent Container (adc), NetApp Console Agent Container (cbs), NetApp Console Agent Container (cbs-backend), ONTAP Select Deploy administration utility. NetApp reports that one or more additional products remain under investigation; review the canonical advisory for current status. NetApp states there is no workaround available at this time.
Multiple NetApp products incorporate Libcurl. Libcurl versions 8.13.0 prior to 8.19.0 are susceptible to a vulnerability which when successfully exploited could lead to Denial of Service (DoS). Successful exploitation of this vulnerability could lead to Denial of Service (DoS). Affected products: ONTAP 9. NetApp reports that one or more additional products remain under investigation; review the canonical advisory for current status. NetApp states there is no workaround available at this time.
Multiple NetApp products incorporate Libcurl. Libcurl versions 7.10.6 prior to 8.19.0 are susceptible to a vulnerability which when successfully exploited could lead to addition or modification of data. Successful exploitation of this vulnerability could lead to addition or modification of data. Affected products: Active IQ Unified Manager for VMware vSphere, NetApp HCI Baseboard Management Controller (BMC) - H610S, ONTAP 9, ONTAP Select Deploy administration utility. NetApp reports that one or more additional products remain under investigation; review the canonical advisory for current status. NetApp states there is no workaround available at this time.
Multiple NetApp products incorporate Libcurl. Libcurl versions 7.7 prior to 8.19.0 are susceptible to a vulnerability which when successfully exploited could lead to disclosure of sensitive information or addition or modification of data. Successful exploitation of this vulnerability could lead to disclosure of sensitive information or addition or modification of data. Affected products: Active IQ Unified Manager for VMware vSphere, NetApp HCI Baseboard Management Controller (BMC) - H610S, ONTAP 9, ONTAP Select Deploy administration utility. NetApp reports that one or more additional products remain under investigation; review the canonical advisory for current status. NetApp states there is no workaround available at this time.
Multiple NetApp products incorporate libcurl. Libcurl versions 7.33.0 through 8.17.0 are susceptible to a vulnerability which when successfully exploited could lead to disclosure of sensitive information. Successful exploitation of this vulnerability could lead to disclosure of sensitive information. Affected products: Active IQ Unified Manager for VMware vSphere, NetApp HCI Baseboard Management Controller (BMC) - H610S, ONTAP 9. NetApp reports that one or more additional products remain under investigation; review the canonical advisory for current status. NetApp states there is no workaround available at this time.
Multiple NetApp products incorporate OpenSSL. OpenSSL versions 3.6, 3.5, 3.4, 3.3, 3.0 and 1.1.1. are susceptible to a vulnerability which when successfully exploited could lead to Denial of Service (DoS). Successful exploitation of this vulnerability could lead to Denial of Service (DoS). <br><br> NetApp Manageability SDK:<br> OpenSSL was removed in 9.8P8. Affected products: Brocade SAN Navigator (SANnav), Management Services for Element Software and NetApp HCI, NetApp Console Agent Container (cbs-backend), NetApp HCI Baseboard Management Controller (BMC) - H610S, NetApp LOADER 8.x, ONTAP 9. NetApp reports that one or more additional products remain under investigation; review the canonical advisory for current status. NetApp states there is no workaround available at this time.
Multiple NetApp products incorporate Libcurl. Libcurl versions 7.31.0 through 8.15.0 are susceptible to a vulnerability which when successfully exploited could lead to addition or modification of data or Denial of Service (DoS). Successful exploitation of this vulnerability could lead to addition or modification of data or Denial of Service (DoS). Affected products: Active IQ Unified Manager for Linux, Active IQ Unified Manager for VMware vSphere, NetApp HCI Baseboard Management Controller (BMC) - H610S, ONTAP 9, ONTAP Select Deploy administration utility. NetApp reports that one or more additional products remain under investigation; review the canonical advisory for current status. NetApp states there is no workaround available at this time.
Multiple NetApp products incorporate urllib3. Urllib3 versions prior to 1.26.17 and prior to 2.0.6 are susceptible to a vulnerability which when successfully exploited could lead to disclosure of sensitive information or addition or modification of data. Successful exploitation of this vulnerability could lead to disclosure of sensitive information or addition or modification of data. Affected products: Active IQ Unified Manager for VMware vSphere, NetApp SolidFire & HCI Storage Node (Element Software), ONTAP Mediator. NetApp states there is no workaround available at this time.
Multiple NetApp products incorporate Python. Python versions prior to 3.7.17, 3.8.17, 3.9.17, 3.10.12 and 3.11.4 are susceptible to a vulnerability which when successfully exploited could lead to addition or modification of data. Successful exploitation of this vulnerability could lead to addition or modification of data. Affected products: Active IQ Unified Manager for Microsoft Windows, Active IQ Unified Manager for VMware vSphere, Management Services for Element Software and NetApp HCI, NetApp HCI Compute Node (Bootstrap OS), ONTAP Select Deploy administration utility. NetApp states there is no workaround available at this time.