First published: Mon Apr 29 2019(Updated: )
Element Plug-in for vCenter Server versions prior to 4.2.3 may disclose sensitive account information to an unauthenticated attacker. NetApp HCI Compute Node versions prior to 1.4P2 bundle affected versions of Element Plug-in for vCenter Server.
Credit: security-alert@netapp.com security-alert@netapp.com
Affected Software | Affected Version | How to fix |
---|---|---|
Netapp Hyper Converged Infrastructure Compute Node | <=1.4 | |
Netapp Element Plug-in For Vcenter Server | <4.2.3 | |
<=1.4 | ||
<4.2.3 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this issue is CVE-2019-5492.
The severity level of CVE-2019-5492 is high with a score of 7.5.
CVE-2019-5492 affects NetApp HCI Compute Node versions prior to 1.4P2 and Element Plug-in for vCenter Server versions prior to 4.2.3.
An unauthenticated attacker can exploit CVE-2019-5492 by gaining access to sensitive account information through the Element Plug-in for vCenter Server.
More information about CVE-2019-5492 can be found at http://www.securityfocus.com/bid/108105 and https://security.netapp.com/advisory/ntap-20190426-0001/