Vulnerabilities > CVE-2021-26996 - Unspecified vulnerability in Netapp E-Series Santricity OS Controller

CVSS 5.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

NONE

Availability impact

NONE

network

low complexity

netapp

NVD

Published: 2021-06-11

Updated: 2021-06-22

Summary

E-Series SANtricity OS Controller Software 11.x versions prior to 11.70.1 are susceptible to a vulnerability which when successfully exploited could allow a remote attacker to discover system configuration and application information which may aid in crafting more complex attacks.

Vulnerable Configurations

Part	Description	Count
Application	Netapp Netapp E Series Santricity OS Controller 11.0.0 Netapp E Series Santricity OS Controller 11.20 Netapp E Series Santricity OS Controller 11.25 Netapp E Series Santricity OS Controller 11.30 Netapp E Series Santricity OS Controller 11.30.5R3 Netapp E Series Santricity OS Controller 11.40 Netapp E Series Santricity OS Controller 11.40.3R2 Netapp E Series Santricity OS Controller 11.40.5 Netapp E Series Santricity OS Controller 11.50.1 Netapp E Series Santricity OS Controller 11.50.2 Netapp E Series Santricity OS Controller 11.60 Netapp E Series Santricity OS Controller 11.60.0 Netapp E Series Santricity OS Controller 11.60.1 Netapp E Series Santricity OS Controller 11.60.3	15

References

https://security.netapp.com/advisory/NTAP-20210610-0003