Vulnerabilities > CVE-2021-26995 - Unspecified vulnerability in Netapp E-Series Santricity OS Controller

CVSS 6.5 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

SINGLE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

low complexity

netapp

NVD

Published: 2021-06-11

Updated: 2021-06-22

Summary

E-Series SANtricity OS Controller Software 11.x versions prior to 11.70.1 are susceptible to a vulnerability which when successfully exploited could allow privileged attackers to execute arbitrary code.

Vulnerable Configurations

Part	Description	Count
Application	Netapp Netapp E Series Santricity OS Controller 11.0.0 Netapp E Series Santricity OS Controller 11.20 Netapp E Series Santricity OS Controller 11.25 Netapp E Series Santricity OS Controller 11.30 Netapp E Series Santricity OS Controller 11.30.5R3 Netapp E Series Santricity OS Controller 11.40 Netapp E Series Santricity OS Controller 11.40.3R2 Netapp E Series Santricity OS Controller 11.40.5 Netapp E Series Santricity OS Controller 11.50.1 Netapp E Series Santricity OS Controller 11.50.2 Netapp E Series Santricity OS Controller 11.60 Netapp E Series Santricity OS Controller 11.60.0 Netapp E Series Santricity OS Controller 11.60.1 Netapp E Series Santricity OS Controller 11.60.3	15

References

https://security.netapp.com/advisory/NTAP-20210610-0002