What is the severity of CVE-2021-27001?

The severity of CVE-2021-27001 is medium with a severity value of 5.5.

How can an attacker exploit CVE-2021-27001?

An attacker can exploit CVE-2021-27001 by taking advantage of their authenticated privileged local access to modify Compliance-mode WORM data.

How can CVE-2021-27001 be fixed?

To fix CVE-2021-27001, upgrade to Clustered Data ONTAP versions 9.5P18, 9.6P16, 9.7P16, 9.8P7, or 9.9.1P2.

Vulnerability/
CVE-2021-27001

medium

5.5

19/10/2021

3/8/2024

CVE-2021-27001

Q: How does CVE-2021-27001 affect NetApp Clustered Data ONTAP?

CVE-2021-27001 affects Clustered Data ONTAP versions 9.x prior to 9.5P18, 9.6P16, 9.7P16, 9.8P7, and 9.9.1P2.

Q: What is the vulnerability in CVE-2021-27001?

The vulnerability in CVE-2021-27001 allows an authenticated privileged local attacker to arbitrarily modify Compliance-mode WORM data prior to the end of the retention period.

First published: Tue Oct 19 2021(Updated: )

Clustered Data ONTAP versions 9.x prior to 9.5P18, 9.6P16, 9.7P16, 9.8P7 and 9.9.1P2 are susceptible to a vulnerability which could allow an authenticated privileged local attacker to arbitrarily modify Compliance-mode WORM data prior to the end of the retention period.

Credit: security-alert@netapp.com

Affected Software	Affected Version	How to fix
NetApp Clustered Data ONTAP	>=9.0<=9.4
NetApp Clustered Data ONTAP	=9.5
NetApp Clustered Data ONTAP	=9.5-p12
NetApp Clustered Data ONTAP	=9.5-p13
NetApp Clustered Data ONTAP	=9.5-p14
NetApp Clustered Data ONTAP	=9.5-p15
NetApp Clustered Data ONTAP	=9.5-p16
NetApp Clustered Data ONTAP	=9.5-p17
NetApp Clustered Data ONTAP	=9.5-p6
NetApp Clustered Data ONTAP	=9.5-p8
NetApp Clustered Data ONTAP	=9.5-p9
NetApp Clustered Data ONTAP	=9.6
NetApp Clustered Data ONTAP	=9.6-p1
NetApp Clustered Data ONTAP	=9.6-p12
NetApp Clustered Data ONTAP	=9.6-p15
NetApp Clustered Data ONTAP	=9.6-p3
NetApp Clustered Data ONTAP	=9.6-p4
NetApp Clustered Data ONTAP	=9.6-p7
NetApp Clustered Data ONTAP	=9.6-p8
NetApp Clustered Data ONTAP	=9.6-p9
NetApp Clustered Data ONTAP	=9.7
NetApp Clustered Data ONTAP	=9.7-p12
NetApp Clustered Data ONTAP	=9.7-p13
NetApp Clustered Data ONTAP	=9.7-p14
NetApp Clustered Data ONTAP	=9.7-p7
NetApp Clustered Data ONTAP	=9.7-p9
NetApp Clustered Data ONTAP	=9.7-rc1
NetApp Clustered Data ONTAP	=9.8
NetApp Clustered Data ONTAP	=9.8-p3
NetApp Clustered Data ONTAP	=9.8-p5
NetApp Clustered Data ONTAP	=9.9.1

Never miss a vulnerability like this again

Reference Links

https://security.netapp.com/advisory/ntap-20211018-0001

Frequently Asked Questions

What is the severity of CVE-2021-27001?
The severity of CVE-2021-27001 is medium with a severity value of 5.5.
How does CVE-2021-27001 affect NetApp Clustered Data ONTAP?
CVE-2021-27001 affects Clustered Data ONTAP versions 9.x prior to 9.5P18, 9.6P16, 9.7P16, 9.8P7, and 9.9.1P2.
What is the vulnerability in CVE-2021-27001?
The vulnerability in CVE-2021-27001 allows an authenticated privileged local attacker to arbitrarily modify Compliance-mode WORM data prior to the end of the retention period.
How can an attacker exploit CVE-2021-27001?
An attacker can exploit CVE-2021-27001 by taking advantage of their authenticated privileged local access to modify Compliance-mode WORM data.
How can CVE-2021-27001 be fixed?
To fix CVE-2021-27001, upgrade to Clustered Data ONTAP versions 9.5P18, 9.6P16, 9.7P16, 9.8P7, or 9.9.1P2.

collector/nvd-index
agent/severity
agent/references
agent/author
agent/tags
agent/type
agent/event
agent/description
agent/first-publish-date
agent/softwarecombine
agent/last-modified-date
collector/mitre-cve
source/MITRE
vendor/netapp
canonical/netapp clustered data ontap
version/netapp clustered data ontap/9.0
version/netapp clustered data ontap/9.4
version/netapp clustered data ontap/9.5
version/netapp clustered data ontap/9.5-p12
version/netapp clustered data ontap/9.5-p13
version/netapp clustered data ontap/9.5-p14
version/netapp clustered data ontap/9.5-p15
version/netapp clustered data ontap/9.5-p16
version/netapp clustered data ontap/9.5-p17
version/netapp clustered data ontap/9.5-p6
version/netapp clustered data ontap/9.5-p8
version/netapp clustered data ontap/9.5-p9
version/netapp clustered data ontap/9.6
version/netapp clustered data ontap/9.6-p1
version/netapp clustered data ontap/9.6-p12
version/netapp clustered data ontap/9.6-p15
version/netapp clustered data ontap/9.6-p3
version/netapp clustered data ontap/9.6-p4
version/netapp clustered data ontap/9.6-p7
version/netapp clustered data ontap/9.6-p8
version/netapp clustered data ontap/9.6-p9
version/netapp clustered data ontap/9.7
version/netapp clustered data ontap/9.7-p12
version/netapp clustered data ontap/9.7-p13
version/netapp clustered data ontap/9.7-p14
version/netapp clustered data ontap/9.7-p7
version/netapp clustered data ontap/9.7-p9
version/netapp clustered data ontap/9.7-rc1
version/netapp clustered data ontap/9.8
version/netapp clustered data ontap/9.8-p3
version/netapp clustered data ontap/9.8-p5
version/netapp clustered data ontap/9.9.1

CVE-2021-27001

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2021-27001?

How does CVE-2021-27001 affect NetApp Clustered Data ONTAP?

What is the vulnerability in CVE-2021-27001?

How can an attacker exploit CVE-2021-27001?

How can CVE-2021-27001 be fixed?

Company

Resources

Contact