CVE-2023-27317
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
15/12/2023
Last modified:
19/12/2023
Description
ONTAP 9 versions 9.12.1P8, 9.13.1P4, and 9.13.1P5 are susceptible to a <br />
vulnerability which will cause all SAS-attached FIPS 140-2 drives to <br />
become unlocked after a system reboot or power cycle or a single <br />
SAS-attached FIPS 140-2 drive to become unlocked after reinsertion. This<br />
could lead to disclosure of sensitive information to an attacker with <br />
physical access to the unlocked drives. <br />
<br />
Impact
Base Score 3.x
4.60
Severity 3.x
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:a:netapp:ontap:9.12.1:p8:*:*:*:*:*:* | ||
| cpe:2.3:a:netapp:ontap:9.13.1:p4:*:*:*:*:*:* | ||
| cpe:2.3:a:netapp:ontap:9.13.1:p5:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page



