CVE-2019-17272 — Improper Input Validation in Ontap Select Deploy Administration Utility

CWE-20 — Improper Input Validation3 documents3 sources

Severity

7.2HIGHNVD

EPSS

0.4%

top 36.82%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Netapp Ontap Select Deploy Administration Utility

Timeline

PublishedNov 21

Latest updateMay 24

Description

All versions of ONTAP Select Deploy administration utility are susceptible to a vulnerability which when successfully exploited could allow an administrative user to escalate their privileges.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:HExploitability: 1.2 | Impact: 5.9

Affected Packages1 packages

▶CVEListV5netapp/ontap_select_deploy_administration_utilityAll versions

🔴Vulnerability Details

GHSA

GHSA-934m-9pqh-f3w8: All versions of ONTAP Select Deploy administration utility are susceptible to a vulnerability which when successfully exploited could allow an adminis↗2022-05-24

▶

CVEList

CVE-2019-17272: All versions of ONTAP Select Deploy administration utility are susceptible to a vulnerability which when successfully exploited could allow an adminis↗2019-11-21

▶