CVE-2019-5502

CWE-327Broken Cryptographic Algorithm3 documents3 sources
Severity
9.1CRITICAL
EPSS
0.2%
top 58.05%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Netapp Data Ontap
Timeline
PublishedAug 5
Latest updateMay 24

Description

SMB in Data ONTAP operating in 7-Mode versions prior to 8.2.5P3 has weak cryptography which when exploited could lead to information disclosure or addition or modification of data.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:NExploitability: 3.9 | Impact: 5.2

Affected Packages2 packages

CVEListV5data_ontap_operating_in_7-modeBelow 8.2.5P3
NVDnetapp/data_ontap< 8.2.5+1

🔴Vulnerability Details

2
GHSA
GHSA-25qg-qjjq-5wgr: SMB in Data ONTAP operating in 7-Mode versions prior to 82022-05-24
CVEList
CVE-2019-5502: SMB in Data ONTAP operating in 7-Mode versions prior to 82019-08-05
CVE-2019-5502 (CRITICAL CVSS 9.1) | SMB in Data ONTAP operating in 7-Mo | cvebase.io