Описание
Network Appliance Data ONTAP 7.0 and earlier allows iSCSI Initiators to bypass iSCSI authentication via a modified client that skips the Security (Start) mode, as required by the Login Negotiation protocol, and uses Operational mode without proving identity.
Ссылки
- Patch
- Patch
Уязвимые конфигурации
Конфигурация 1Версия до 7.0 (включая)
Одно из
cpe:2.3:a:network_appliance:data_ontap:*:*:*:*:*:*:*:*
cpe:2.3:a:network_appliance:data_ontap:6.4:*:*:*:*:*:*:*
cpe:2.3:a:network_appliance:data_ontap:6.5:*:*:*:*:*:*:*
EPSS
Процентиль: 76%
0.00938
Низкий
7.5 High
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
почти 4 года назад
Network Appliance Data ONTAP 7.0 and earlier allows iSCSI Initiators to bypass iSCSI authentication via a modified client that skips the Security (Start) mode, as required by the Login Negotiation protocol, and uses Operational mode without proving identity.
EPSS
Процентиль: 76%
0.00938
Низкий
7.5 High
CVSS2
Дефекты
NVD-CWE-Other