CVE-2023-27317

Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
15/12/2023
Last modified:
19/12/2023

Description

ONTAP 9 versions 9.12.1P8, 9.13.1P4, and 9.13.1P5 are susceptible to a <br /> vulnerability which will cause all SAS-attached FIPS 140-2 drives to <br /> become unlocked after a system reboot or power cycle or a single <br /> SAS-attached FIPS 140-2 drive to become unlocked after reinsertion. This<br /> could lead to disclosure of sensitive information to an attacker with <br /> physical access to the unlocked drives. <br /> <br />

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:netapp:ontap:9.12.1:p8:*:*:*:*:*:*
cpe:2.3:a:netapp:ontap:9.13.1:p4:*:*:*:*:*:*
cpe:2.3:a:netapp:ontap:9.13.1:p5:*:*:*:*:*:*


References to Advisories, Solutions, and Tools