First published: Mon Jul 28 2008(Updated: )
Multiple unspecified vulnerabilities in NetApp Data ONTAP, as used on NetApp and IBM eServer platforms, allow remote attackers to execute arbitrary commands, cause a denial of service (system crash), or obtain sensitive information, probably related to insufficient access control for HTTP requests. NOTE: this may overlap CVE-2008-3160.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
IBM Network Appliance Data ONTAP | ||
IBM N Series Storage Server | ||
NetApp FAS900 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2008-3349 is considered a critical vulnerability that can lead to remote command execution and denial of service.
To mitigate CVE-2008-3349, you should update to the latest version of NetApp Data ONTAP or apply the recommended patches provided by NetApp.
CVE-2008-3349 affects multiple versions of NetApp Data ONTAP running on NetApp and IBM eServer platforms.
CVE-2008-3349 can allow remote attackers to execute arbitrary commands, cause system crashes, or access sensitive information.
Currently, the best workaround for CVE-2008-3349 is to restrict access to vulnerable systems and ensure that they are updated as soon as possible.