CVE-2019-5509

CWE-94Code Injection3 documents3 sources
Severity
9.8CRITICAL
EPSS
1.6%
top 18.58%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Netapp Ontap Select Deploy Administration Utility
Timeline
PublishedNov 21
Latest updateMay 24

Description

ONTAP Select Deploy administration utility versions 2.11.2 through 2.12.2 are susceptible to a code injection vulnerability which when successfully exploited could allow an unauthenticated remote attacker to enable and use a privileged user account.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages2 packages

CVEListV5netapp/ontap_select_deploy_administration_utility2.11.2 through 2.12.2

🔴Vulnerability Details

2
GHSA
GHSA-4cgc-v347-pccw: ONTAP Select Deploy administration utility versions 22022-05-24
CVEList
CVE-2019-5509: ONTAP Select Deploy administration utility versions 22019-11-21
CVE-2019-5509 (CRITICAL CVSS 9.8) | ONTAP Select Deploy administration | cvebase.io