CVE-2024-21982
EUVD-2024-1958812.01.2024, 00:15
ONTAP versions 9.4 and higher are susceptible to a vulnerability which when successfully exploited could lead to disclosure of sensitive information to unprivileged attackers when the object-store profiler command is being run by an administrative user.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| netapp | clustered_data_ontap | 9.4 ≤ 𝑥 < 9.8 |
| netapp | clustered_data_ontap | 9.8 |
| netapp | clustered_data_ontap | 9.9.1 |
| netapp | clustered_data_ontap | 9.10.1 |
| netapp | clustered_data_ontap | 9.11.1 |
| netapp | clustered_data_ontap | 9.12.1 |
| netapp | clustered_data_ontap | 9.13.1 |
𝑥
= Vulnerable software versions
Early Detection
Affected products identified ahead of NVD analysis through intelligence sources.
| Vendor | Product | Version | Source |
|---|---|---|---|
| netapp | ontap_9 | 9.4 ≤ 𝑥 ≤ 9.8P20 | CNA |
| netapp | ontap_9 | 9.9.1 ≤ 𝑥 ≤ 9.9.1P17 | CNA |
| netapp | ontap_9 | 9.10.1 ≤ 𝑥 ≤ 9.10.1P15 | CNA |
| netapp | ontap_9 | 9.11.1 ≤ 𝑥 ≤ 9.11.1P12 | CNA |
| netapp | ontap_9 | 9.12.1 ≤ 𝑥 ≤ 9.12.1P7 | CNA |
| netapp | ontap_9 | 9.13.1 ≤ 𝑥 ≤ 9.13.1P3 | CNA |