CVE-2019-17274

Summary

NetApp FAS 8300/8700 and AFF A400 Baseboard Management Controller (BMC) firmware versions 13.x prior to 13.1P1 were shipped with a default account enabled that could allow unauthorized arbitrary command execution via local access.

Affected Software

VendorProductVersion RangeStatus
NetAppNetApp FAS 8300/8700 and AFF A400 Baseboard Management Controller13.x prior to 13.1P1affected

Weaknesses

  • Default Privileged Account

ADP Enrichment

CVE Program Container

Additional References

References