CVE-2023-27317
published 2023-12-15CVE-2023-27317: ONTAP 9 versions 9.12.1P8, 9.13.1P4, and 9.13.1P5 are susceptible to a vulnerability which will cause all SAS-attached FIPS 140-2 drives to become unlocked…
medium4.6CVSS 3.1
AVPACLPRNUINSUCHINAN
ONTAP 9 versions 9.12.1P8, 9.13.1P4, and 9.13.1P5 are susceptible to a
vulnerability which will cause all SAS-attached FIPS 140-2 drives to
become unlocked after a system reboot or power cycle or a single
SAS-attached FIPS 140-2 drive to become unlocked after reinsertion. This
could lead to disclosure of sensitive information to an attacker with
physical access to the unlocked drives.
Affected
5 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| netapp | ontap | — | — |
| netapp | ontap | — | — |
| netapp | ontap_9 | — | — |
| netapp | ontap_9 | — | — |
| netapp | ontap_9 | — | — |