CVE-2024-21982 | Vulnerability Database | Aqua Security

NVD

https://nvd.nist.gov/vuln/detail/CVE-2024-21982

CWE

https://cwe.mitre.org/data/definitions/.html

ONTAP versions 9.4 and higher are susceptible to a vulnerability which when successfully exploited could lead to disclosure of sensitive information to unprivileged attackers when the object-store profiler command is being run by an administrative user.

Affected Software

Name	Vendor	Start Version	End Version
Clustered_data_ontap	Netapp	9.4 (including)	9.8 (excluding)
Clustered_data_ontap	Netapp	9.8 (including)	9.8 (including)
Clustered_data_ontap	Netapp	9.9.1 (including)	9.9.1 (including)
Clustered_data_ontap	Netapp	9.10.1 (including)	9.10.1 (including)
Clustered_data_ontap	Netapp	9.11.1 (including)	9.11.1 (including)
Clustered_data_ontap	Netapp	9.12.1 (including)	9.12.1 (including)
Clustered_data_ontap	Netapp	9.13.1 (including)	9.13.1 (including)

References

https://security.netapp.com/advisory/ntap-20240111-0001/
https://security.netapp.com/advisory/ntap-20240111-0001/