NetApp Clustered Data ONTAP 9.2 Vulnerability - Lenovo Support US

Lenovo Security Advisory: LEN-29588

Potential Impact: Denial of Service

Severity: Medium

Scope of Impact: Industry-wide

CVE Identifier: CVE-2019-5508

Summary Description:

NetApp reported that Clustered Data ONTAP versions 9.2 through 9.4 are susceptible to a vulnerability which allows an attacker to use l2ping to cause a Denial of Service (DoS).

Mitigation Strategy for Customers (what you should do to protect yourself):

NetApp recommends updating to the appropriate Clustered Data ONTAP version for your product as indicated in the Product Impact section below.