Rewterz Threat Advisory – Multiple IBM InfoSphere Information Server

November 3, 2021

Rewterz Threat Advisory – Multiple McAfee Data Loss Prevention (DLP) ePO Extension

November 3, 2021

Rewterz Threat Advisory – Multiple NetApp Vulnerabilities

November 3, 2021

Severity

Medium

Analysis Summary

CVE-2021-27005

NetApp Clustered Data ONTAP is vulnerable to a denial of service. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to crash the httpd server.

CVE-2021-27004

NetApp System Manager could allow a local authenticated attacker to obtain sensitive information. An attacker could exploit this vulnerability to discover plaintext iSCSI CHAP credentials.

Impact

Denial of Service
Information Disclosure

Affected Vendors

NetApp

Affected Products

NetApp System Manager 9.7P16
NetApp System Manager 9.8P7
NetApp System Manager 9.9.1P2
NetApp Clustered Data ONTAP 9.6P16
NetApp Clustered Data ONTAP 9.7P16
NetApp Clustered Data ONTAP 9.9.1P3

Remediation

Refer to NetApp Advisory for patch, upgrade, or suggested workaround information.

CVE-2021-27005

https://security.netapp.com/advisory/NTAP-20211029-0002/

CVE-2021-27004

https://security.netapp.com/advisory/NTAP-20211029-0001/

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Platform

Managed Security Services

Managed Penetration Testing

Assess

Transform

Train

Respond

Resources

SideWinder APT Group aka Rattlesnake – Active IOCs

Microsoft Bookings Vulnerability Allowed Attackers to Modify Meeting Details

ClickFix Scheme Used by Russian Hackers to Deploy Espionage Malware – Active IOCs

Threat Insights

About Us

Our Leadership

CSR

Connect with Us

Rewterz Threat Advisory – Multiple IBM InfoSphere Information Server

Rewterz Threat Advisory – Multiple McAfee Data Loss Prevention (DLP) ePO Extension

The Wait Is Over!

The Rewterz Annual Threat Intelligence Report 2024 is finally here.