What are you looking for ?
Advertise with us
Advertise with us

NetApp Security Advisory CVE-2021-27003 X-Frame-Options Header Vulnerability in Clustered Data ONTAP

Versions prior to 9.5P18, 9.6P15, 9.7P14, 9.8P5 and 9.9.1 are missing X-Frame-Options header which could allow clickjacking attack.

NetApp, Inc. has published a security advisory concerning a X-Frame-options header vulnerability in clustered data ONTAP.

This advisory should be considered the single source of current, up-to-date, authorized and accurate information from NetApp.

Advisory ID: NTAP-20211012-0001

Version: 1.0

Last updated: 10/12/2021

Status: Final.

CVEs: CVE-2021-27003

Summary
Clustered Data ONTAP versions prior to 9.5P18, 9.6P15, 9.7P14, 9.8P5 and 9.9.1 are missing an X-Frame-Options header which could allow a clickjacking attack.

Impact
Successful exploitation of this vulnerability could allow a clickjacking attack.

Vulnerability scoring details

CVE

Score

Vector

CVE-2021-27003

6.5 (MEDIUM)

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

Exploitation and public announcements
The company is aware of public discussion of this vulnerability.

Articles_bottom
ExaGrid
AIC
ATTOtarget="_blank"
OPEN-E
RAIDON