Lenovo Security Advisory: LEN-29480
Potential Impact: Information Disclosure
Severity: Medium
Scope of Impact: Industry-wide
CVE Identifier: CVE-2019-5503
Summary Description:
NetApp reported that OnCommand Workflow Automation versions prior to 5.0 shipped without certain HTTP Security headers configured which could allow an attacker to obtain sensitive information via unspecified vectors.
Mitigation Strategy for Customers (what you should do to protect yourself):
NetApp recommends updating OnCommand Workflow Automation to version 5.0.1.0.0 (or higher) as indicated for your model in the Product Impact section below.