Clustered Data ONTAP versions prior to 9.3P20 and 9.5P15 are susceptible to a vulnerability which could allow unauthorized tenant users to discover the names of other Storage Virtual Machines (SVMs) and filenames on those SVMs.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Clustered_data_ontap | Netapp | * | 9.3 (excluding) |
| Clustered_data_ontap | Netapp | 9.4 (including) | 9.5 (excluding) |
| Clustered_data_ontap | Netapp | 9.3 (including) | 9.3 (including) |
| Clustered_data_ontap | Netapp | 9.3-p1 (including) | 9.3-p1 (including) |
| Clustered_data_ontap | Netapp | 9.3-p10 (including) | 9.3-p10 (including) |
| Clustered_data_ontap | Netapp | 9.3-p2 (including) | 9.3-p2 (including) |
| Clustered_data_ontap | Netapp | 9.3-p3 (including) | 9.3-p3 (including) |
| Clustered_data_ontap | Netapp | 9.3-p4 (including) | 9.3-p4 (including) |
| Clustered_data_ontap | Netapp | 9.3-p5 (including) | 9.3-p5 (including) |
| Clustered_data_ontap | Netapp | 9.3-p6 (including) | 9.3-p6 (including) |
| Clustered_data_ontap | Netapp | 9.3-p7 (including) | 9.3-p7 (including) |
| Clustered_data_ontap | Netapp | 9.3-p8 (including) | 9.3-p8 (including) |
| Clustered_data_ontap | Netapp | 9.3-p9 (including) | 9.3-p9 (including) |
| Clustered_data_ontap | Netapp | 9.3-rc1 (including) | 9.3-rc1 (including) |
| Clustered_data_ontap | Netapp | 9.5 (including) | 9.5 (including) |
| Clustered_data_ontap | Netapp | 9.5-p1 (including) | 9.5-p1 (including) |
| Clustered_data_ontap | Netapp | 9.5-p6 (including) | 9.5-p6 (including) |
| Clustered_data_ontap | Netapp | 9.5-p8 (including) | 9.5-p8 (including) |
| Clustered_data_ontap | Netapp | 9.5-p9 (including) | 9.5-p9 (including) |