CVE-2019-5502

EUVD-2019-15077
SMB in Data ONTAP operating in 7-Mode versions prior to 8.2.5P3 has weak cryptography which when exploited could lead to information disclosure or addition or modification of data.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
9.1 CRITICAL
NETWORK
LOW
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 41%
Affected Products (NVD)
VendorProductVersion
netappdata_ontap
𝑥
< 8.2.5
netappdata_ontap
8.2.5:p1
netappdata_ontap
8.2.5:p2
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://security.netapp.com/advisory/ntap-20190802-0002/
https://security.netapp.com/advisory/ntap-20190802-0002/