{"status":"success","advisory":{"_id":"683547215b16347a91c39c9a","kb_acknowledgements":null,"kb_affected_list":["7-Mode Transition Tool","AFF Baseboard Management Controller (BMC) - A700s","Brocade Fabric Operating System Firmware","Brocade Network Advisor Software","Cloud Manager","Clustered Data ONTAP","Data ONTAP PowerShell Toolkit","Data ONTAP operating in 7-Mode","E-Series SANtricity Storage Manager","NetApp Cloud Backup (formerly AltaVault)","NetApp Host Agent","NetApp Manageability SDK","NetApp Plug-in for Symantec NetBackup","NetApp SMI-S Provider","NetApp SolidFire, Enterprise SDS & HCI Storage Node (Element Software)","NetApp VASA Provider for Clustered Data ONTAP 9.7 and above","ONTAP Select Deploy administration utility","OnCommand Insight","OnCommand Shift","OnCommand Unified Manager Core Package","OnCommand Workflow Automation","Open Systems SnapVault Agent","Perfstat","RBAC User Creator for Data ONTAP","Service Processor","Snap Creator Framework","SnapCenter","SnapCenter Plug-in for VMware vSphere","SnapDrive for Unix","SnapDrive for Windows","SnapProtect","Storage Replication Adapter for Clustered Data ONTAP for VMware vSphere 9.7 and above","StorageGRID (formerly StorageGRID Webscale)","StorageGRID9 (9.x and prior)","System Setup","Virtual Storage Console for VMware vSphere 6.x","Virtual Storage Console for VMware vSphere 9.7 and above"],"kb_bad_data":false,"kb_cve":["CVE-2016-2183"],"kb_exploitation":"Public","kb_fixes":[{"product":"NetApp Manageability SDK","fixes":[{"link":"https://mysupport.netapp.com/NOW/download/software/nmsdk/5.4/","cves":[]}],"instructions":"Using NetApp Manageability SDK 5.4 or higher, download openssl-1.0.2j or higher and then build the OpenSSL by following steps in \"netapp-manageability-sdk-5.4.zip\". Extract it by following steps in the SDK_help.htm in the \"Upgrading OpenSSL\" section.","wontfix":false,"eos_link":null},{"product":"Cloud Manager","fixes":[{"link":"http://mysupport.netapp.com/NOW/download/software/oncommand_cloud_lin/3.3/","cves":[]}],"instructions":"","wontfix":false,"eos_link":null},{"product":"Snap Creator Framework","fixes":[{"link":"https://mysupport.netapp.com/NOW/download/software/snapcreator_framework/4.3.1/","cves":[]}],"instructions":"","wontfix":false,"eos_link":null},{"product":"SnapCenter","fixes":[{"link":"https://mysupport.netapp.com/NOW/download/software/snapcenter/4.0/","cves":[]}],"instructions":"","wontfix":false,"eos_link":null},{"product":"NetApp Cloud Backup (formerly AltaVault)","fixes":[{"link":"http://mysupport.netapp.com/NOW/download/software/altavault_ava800/4.3/","cves":[]},{"link":"http://mysupport.netapp.com/NOW/download/software/altavault_phyapp/4.3/","cves":[]},{"link":"http://mysupport.netapp.com/NOW/download/software/altavault_virtualapp/4.3/","cves":[]}],"instructions":"","wontfix":false,"eos_link":null},{"product":"StorageGRID (formerly StorageGRID Webscale)","fixes":[{"link":"https://mysupport.netapp.com/NOW/download/software/storagegrid_webscale/11.0/","cves":[]}],"instructions":"","wontfix":false,"eos_link":null},{"product":"SnapDrive for Unix","fixes":[{"link":"http://mysupport.netapp.com/NOW/download/software/snapdrive_redhatlinux/5.3.1/","cves":[]},{"link":"http://mysupport.netapp.com/NOW/download/software/snapdrive_aix/5.3.1/","cves":[]},{"link":"http://mysupport.netapp.com/NOW/download/software/snapdrive_sol/5.3.1/","cves":[]},{"link":"http://mysupport.netapp.com/NOW/download/software/snapdrive_solx86/5.3.1/","cves":[]}],"instructions":"","wontfix":false,"eos_link":null},{"product":"Virtual Storage Console for VMware vSphere 9.7 and above","fixes":[{"link":"https://mysupport.netapp.com/NOW/download/software/vsc_win/7.2.1/","cves":[]}],"instructions":"","wontfix":false,"eos_link":null},{"product":"Brocade Network Advisor Software","fixes":[{"link":"https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2016-134","cves":[]}],"instructions":"Starting Brocade Fabric OS v7.4 a CLI secCryptoCfg command provides options to configure various cryptographic algorithms to meet compliance requirements for the SSH and HTTPS protocols on a Brocade Fibre Channel switch.","wontfix":false,"eos_link":null},{"product":"Clustered Data ONTAP","fixes":[{"link":"https://mysupport.netapp.com/NOW/download/software/ontap/9.2/","cves":[]},{"link":"https://mysupport.netapp.com/NOW/download/software/ontap/9.3/","cves":[]},{"link":"https://mysupport.netapp.com/NOW/download/software/ontap/9.4/","cves":[]},{"link":"https://mysupport.netapp.com/NOW/download/software/ontap/9.5/","cves":[]},{"link":"https://mysupport.netapp.com/NOW/download/software/ontap/9.6/","cves":[]},{"link":"https://mysupport.netapp.com/NOW/download/software/ontap/9.7/","cves":[]}],"instructions":"fixed under burt 1031137","wontfix":false,"eos_link":null},{"product":"Brocade Fabric Operating System Firmware","fixes":[{"link":"https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2016-134","cves":[]}],"instructions":"Starting Brocade Fabric OS v7.4 a CLI secCryptoCfg command provides options to configure various cryptographic algorithms to meet compliance requirements for the SSH and HTTPS protocols on a Brocade Fibre Channel switch.","wontfix":false,"eos_link":null},{"product":"Service Processor","fixes":[{"link":"https://mysupport.netapp.com/NOW/download/tools/serviceimage/support/","cves":[]}],"instructions":"https://mysupport.netapp.com/NOW/download/tools/serviceimage/support/\r\nFixed by bug 1032893. First fixed versions include the following: 5.1,3.3P1,4.1P1,2.5,3.4,1.6.1P1,2.4.1P1,1.5.2P1,2.3.2P1,3.1.2P2,1.4.4,2.2.5,3.0.4","wontfix":false,"eos_link":null},{"product":"Perfstat","fixes":[{"link":"https://mysupport.netapp.com/tools/info/ECMLP2572102I.html?productID=62125","cves":[]}],"instructions":"","wontfix":false,"eos_link":null},{"product":"RBAC User Creator for Data ONTAP","fixes":[],"instructions":null,"wontfix":true,"eos_link":null},{"product":"OnCommand Workflow Automation","fixes":[{"link":"https://mysupport.netapp.com/NOW/download/software/ocwfa_linux/4.2/","cves":[]},{"link":"https://mysupport.netapp.com/NOW/download/software/ocwfa/4.2/","cves":[]}],"instructions":"","wontfix":false,"eos_link":null},{"product":"StorageGRID9 (9.x and prior)","fixes":[],"instructions":null,"wontfix":true,"eos_link":"https://mysupport.netapp.com/info/communications/ECMLP2863457.html"},{"product":"Data ONTAP operating in 7-Mode","fixes":[{"link":"https://mysupport.netapp.com/NOW/download/software/ontap/8.2.5P2/","cves":[]}],"instructions":"","wontfix":false,"eos_link":null},{"product":"NetApp Plug-in for Symantec NetBackup","fixes":[],"instructions":null,"wontfix":true,"eos_link":"https://mysupport.netapp.com/info/communications/ECMLP2875531.html"},{"product":"OnCommand Unified Manager Core Package","fixes":[{"link":"https://mysupport.netapp.com/NOW/download/software/occore_win/5.2.3/","cves":[]},{"link":"https://mysupport.netapp.com/NOW/download/software/occore_lin/5.2.3/","cves":[]}],"instructions":"","wontfix":false,"eos_link":null},{"product":"Storage Replication Adapter for Clustered Data ONTAP for VMware vSphere 9.7 and above","fixes":[{"link":"https://mysupport.netapp.com/NOW/download/software/sra_cmode/7.2.1/","cves":[]}],"instructions":"","wontfix":false,"eos_link":null},{"product":"E-Series SANtricity Storage Manager","fixes":[{"link":"http://mysupport.netapp.com/NOW/download/software/eseries_santricity/11.30.0X00.0010/","cves":[]}],"instructions":"","wontfix":false,"eos_link":null},{"product":"SnapDrive for Windows","fixes":[{"link":"http://mysupport.netapp.com/NOW/download/software/snapdrive_win/7.1.4/","cves":[]}],"instructions":"","wontfix":false,"eos_link":null},{"product":"NetApp SolidFire, Enterprise SDS & HCI Storage Node (Element Software)","fixes":[{"link":"https://mysupport.netapp.com/site/products/all/details/element-software/downloads-tab/download/62654/11.3","cves":[]},{"link":"https://mysupport.netapp.com/site/products/all/details/netapp-hci/downloads-tab/download/62542/1.6","cves":[]}],"instructions":"","wontfix":false,"eos_link":null},{"product":"SnapProtect","fixes":[],"instructions":null,"wontfix":true,"eos_link":"https://mysupport.netapp.com/info/communications/ECMLP2426797.html"},{"product":"NetApp SMI-S Provider","fixes":[{"link":"https://mysupport.netapp.com/products/smis/5.2.5/","cves":[]}],"instructions":"","wontfix":false,"eos_link":null},{"product":"NetApp VASA Provider for Clustered Data ONTAP 9.7 and above","fixes":[{"link":"https://mysupport.netapp.com/NOW/download/software/vasa_cdot/7.2.1/","cves":[]}],"instructions":"","wontfix":false,"eos_link":null},{"product":"SnapCenter Plug-in for VMware vSphere","fixes":[{"link":"https://mysupport.netapp.com/products/scv/4.3/","cves":[]}],"instructions":"","wontfix":false,"eos_link":null},{"product":"Open Systems SnapVault Agent","fixes":[{"link":"https://support.netapp.com/NOW/download/software/snapvault_oss/win2003/3.0.1P8","cves":[]},{"link":"https://support.netapp.com/NOW/download/software/snapvault_oss/win2008/3.0.1P8","cves":[]},{"link":"https://support.netapp.com/NOW/download/software/snapvault_oss/linux/3.0.1P8","cves":[]},{"link":"https://support.netapp.com/NOW/download/software/snapvault_oss/solx86/3.0.1P8","cves":[]},{"link":"https://support.netapp.com/NOW/download/software/snapvault_oss/sol/3.0.1P8","cves":[]}],"instructions":"","wontfix":false,"eos_link":null},{"product":"OnCommand Shift","fixes":[],"instructions":null,"wontfix":true,"eos_link":"https://mysupport.netapp.com/info/communications/ECMLP2841272.html"},{"product":"NetApp Host Agent","fixes":[],"instructions":null,"wontfix":true,"eos_link":"http://mysupport.netapp.com/info/communications/ECMLP2512371.html"},{"product":"System Setup","fixes":[{"link":"https://support.microsoft.com/en-in/kb/245030","cves":[]}],"instructions":"No fix planned - see Workarounds.","wontfix":false,"eos_link":null},{"product":"AFF Baseboard Management Controller (BMC) - A700s","fixes":[{"link":"https://mysupport.netapp.com/site/downloads/firmware/system-firmware-diagnostics","cves":[]}],"instructions":"","wontfix":false,"eos_link":null},{"product":"7-Mode Transition Tool","fixes":[],"instructions":null,"wontfix":true,"eos_link":null},{"product":"Data ONTAP PowerShell Toolkit","fixes":[],"instructions":null,"wontfix":true,"eos_link":null},{"product":"ONTAP Select Deploy administration utility","fixes":[{"link":"https://mysupport.netapp.com/NOW/download/software/ontap_select/9.0/","cves":[]}],"instructions":"","wontfix":false,"eos_link":null},{"product":"Virtual Storage Console for VMware vSphere 6.x","fixes":[],"instructions":null,"wontfix":true,"eos_link":"https://mysupport.netapp.com/info/communications/ECMLP2843186.html"}],"kb_impact":"Exploitation of this vulnerability may lead to unauthorized disclosure of information.","kb_internal_notes":[{"burt":"1031133","jira":"","product":"7-Mode Transition Tool"},{"burt":"1317114","jira":"CSEFC-611","product":"AFF Baseboard Management Controller (BMC) - A700s"},{"burt":"1031145","jira":"","product":"Brocade Fabric Operating System Firmware"},{"burt":"1055039","jira":"","product":"Brocade Network Advisor Software"},{"burt":"1031156","jira":"","product":"Cloud Manager"},{"burt":"1031139","jira":"","product":"Cluster Network Switch (NetApp CN1610)"},{"burt":"1031137","jira":"","product":"Clustered Data ONTAP"},{"burt":"1031136","jira":"","product":"Clustered Data ONTAP Antivirus Connector"},{"burt":"1031142","jira":"","product":"Data ONTAP PowerShell Toolkit"},{"burt":"1031141","jira":"","product":"Data ONTAP operating in 7-Mode"},{"burt":"","jira":"","product":"E-Series SANtricity Management Plug-ins (VMware VASA (Windows))"},{"burt":"","jira":"","product":"E-Series SANtricity Management Plug-ins (VMware vCenter (Linux))"},{"burt":"","jira":"","product":"E-Series SANtricity Management Plug-ins (VMware vCenter)"},{"burt":"","jira":"","product":"E-Series SANtricity Storage Manager"},{"burt":"","jira":"","product":"E-Series SANtricity Web Services (REST API) for Web Services Proxy"},{"burt":"1031146","jira":"","product":"Management Network Switch (NetApp CN1601)"},{"burt":"1031147","jira":"","product":"MetroCluster Tiebreaker for clustered Data ONTAP"},{"burt":"1031151","jira":"","product":"NetApp Cloud Backup (formerly AltaVault)"},{"burt":"1031148","jira":"","product":"NetApp Host Agent"},{"burt":"1031149","jira":"","product":"NetApp Manageability SDK"},{"burt":"1031150","jira":"","product":"NetApp Plug-in for Symantec NetBackup"},{"burt":"","jira":"","product":"NetApp SANtricity SMI-S Provider"},{"burt":"1031143","jira":"","product":"NetApp SMI-S Provider"},{"burt":"","jira":"SECURITY-286","product":"NetApp SolidFire, Enterprise SDS & HCI Storage Node (Element Software)"},{"burt":"1031152","jira":"","product":"NetApp VASA Provider for Clustered Data ONTAP 9.7 and above"},{"burt":"1031140","jira":"","product":"ONTAP Select Deploy administration utility"},{"burt":"1031153","jira":"","product":"OnCommand API Services"},{"burt":"1031155","jira":"","product":"OnCommand Balance"},{"burt":"","jira":"ICI-4171","product":"OnCommand Insight"},{"burt":"1031157","jira":"","product":"OnCommand Performance Manager (Unified Manager Performance Pkg)"},{"burt":"1031158","jira":"","product":"OnCommand Plug-in for Microsoft"},{"burt":"1031159","jira":"","product":"OnCommand Shift"},{"burt":"1031161","jira":"","product":"OnCommand Unified Manager Core Package"},{"burt":"1031162","jira":"","product":"OnCommand Unified Manager for Clustered Data ONTAP"},{"burt":"1031163","jira":"","product":"OnCommand Workflow Automation"},{"burt":"1031165","jira":"","product":"Open Systems SnapVault Agent"},{"burt":"1031166","jira":"","product":"Perfstat"},{"burt":"1031167","jira":"","product":"RBAC User Creator for Data ONTAP"},{"burt":"1031169","jira":"","product":"Service Processor"},{"burt":"1031174","jira":"","product":"Snap Creator Framework"},{"burt":"1031170","jira":"","product":"SnapCenter"},{"burt":"1268135","jira":"","product":"SnapCenter Plug-in for VMware vSphere"},{"burt":"1031175","jira":"","product":"SnapDrive for Unix"},{"burt":"1031176","jira":"","product":"SnapDrive for Windows"},{"burt":"1031177","jira":"","product":"SnapManager for Oracle"},{"burt":"1031178","jira":"","product":"SnapManager for SAP"},{"burt":"1031179","jira":"","product":"SnapManager for Sharepoint"},{"burt":"1031180","jira":"","product":"SnapProtect"},{"burt":"1061787","jira":"","product":"Storage Replication Adapter for Clustered Data ONTAP for VMware vSphere 9.7 and above"},{"burt":"1061822","jira":"","product":"Storage Replication Adapter for Data ONTAP operating in 7-Mode 2.1"},{"burt":"1089981","jira":"","product":"StorageGRID (formerly StorageGRID Webscale)"},{"burt":"1089980","jira":"","product":"StorageGRID9 (9.x and prior)"},{"burt":"1031160","jira":"","product":"System Manager 9.x"},{"burt":"1031181","jira":"","product":"System Setup"},{"burt":"1031182","jira":"","product":"Virtual Storage Console for VMware vSphere 6.x"},{"burt":"","jira":"","product":"Virtual Storage Console for VMware vSphere 9.7 and above"}],"kb_investigating_list":[],"kb_num":"9010102","kb_ref":["https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2183","https://sweet32.info/","https://www.openssl.org/blog/blog/2016/08/24/sweet32"],"kb_rev_history":[{"comment":"Initial Public Release","date":"20160915","version":"1.0"},{"comment":"SnapManager for Sharepoint moved to Products Not Affected","date":"20160921","version":"2.0"},{"comment":"NetApp AltaVault moved to Affected Products","date":"20161006","version":"3.0"},{"comment":"Config Advisor, Data ONTAP PowerShell Toolkit, RBAC User Creator for Data ONTAP removed due to being Toolchest products that are supported in the communities","date":"20161108","version":"4.0"},{"comment":"SnapDrive for Windows added to Software Versions and Fixes, NetApp VASA Provider for Clustered Data ONTAP added to Affected Products","date":"20161117","version":"5.0"},{"comment":"OnCommand Balance moved to Products Not Affected, SnapDrive for Unix moved to Affected Products and added to Software Versions and Fixes, NetApp Manageability SDK and Virtual Storage Console for VMware vSphere added to Software Versions and Fixes","date":"20161122","version":"6.0"},{"comment":"OnCommand Workflow Automation moved to Affected Products","date":"20161206","version":"7.0"},{"comment":"Fibre Channel Switch (Brocade) removed as covered product, Brocade Network Advisor Software moved to Affected Products, Brocade Network Operating System Firmware moved to Products Under Investigation","date":"20161213","version":"8.0"},{"comment":"OnCommand Insight added to Workarounds.","date":"20161220","version":"9.0"},{"comment":"OnCommand Insight Workaround modified to a KB link.","date":"20170103","version":"10.0"},{"comment":"Clustered Data ONTAP added to Workarounds","date":"20170117","version":"11.0"},{"comment":"Snap Creator Framework added to Software Versions and Fixes, Cluster Network Switch (NetApp CN1610) moved to Products Not Affected, SolidFire Element OS moved to Affected Products","date":"20170124","version":"12.0"},{"comment":"OnCommand System Manager moved to Products Not Affected, OnCommand Cloud Manager, OnCommand Shift, and Open Systems SnapVault Agent moved to Affected Products, Perfstat moved to Affected Products and added to Software Versions and Fixes, System Setup added to Software Versions and Fixes and Workarounds","date":"20170207","version":"13.0"},{"comment":"Management Network Switch (NetApp CN1601) moved to Products Not Affected, SnapCenter Plug-in for Microsoft SQL Server and SnapCenter Plug-in for Windows removed as they are now bundled with SnapCenter Server, ONTAP Select Deploy administration tool added to Software Versions and Fixes","date":"20170214","version":"14.0"},{"comment":"SnapCenter Server moved to Affected Products, Open Systems SnapVault Agent added to Software Versions and Fixes","date":"20170228","version":"15.0"},{"comment":"MetroCluster Tiebreaker for clustered Data ONTAP moved to Products Not Affected","date":"20170315","version":"16.0"},{"comment":"OnCommand Workflow Automation added to Software Versions and Fixes","date":"20170406","version":"17.0"},{"comment":"OnCommand Workflow Automation removed from Software Versions and Fixes","date":"20170407","version":"18.0"},{"comment":"OnCommand Unified Manager Core Package (5.x) moved to Affected Products","date":"20170508","version":"19.0"},{"comment":"NetApp AltaVault added to Software Versions and Fixes","date":"20170510","version":"20.0"},{"comment":"StorageGRID and StorageGRID Webscale moved to Affected Products after further evaluation","date":"20170606","version":"21.0"},{"comment":"7-Mode Transition Tool moved to Affected Products, OnCommand Performance Manager (Unified Manager Performance Pkg) moved to Products not Affected","date":"20170627","version":"22.0"},{"comment":"E-Series/EF-Series SANtricity Storage Manager added to Software Versions and Fixes","date":"20170711","version":"23.0"},{"comment":"Workaround added for OnCommand Workflow Automation","date":"20170718","version":"24.0"},{"comment":"7-Mode Transition Tool moved to Won't Fix status.","date":"20170720","version":"25.0"},{"comment":"Data ONTAP operating in 7-Mode added to Software Versions and Fixes","date":"20170815","version":"26.0"},{"comment":"Workaround corrected for OnCommand Workflow Automation","date":"20170907","version":"27.0"},{"comment":"FAS/V-Series Storage Replication Adapter for Clustered Data ONTAP moved to Affected Products and added to Software Versions and Fixes","date":"20170920","version":"28.0"},{"comment":"StorageGRID Webscale added to Software Versions and Fixes","date":"20171031","version":"29.0"},{"comment":"SnapCenter Server added to Software Versions and Fixes","date":"20180118","version":"30.0"},{"comment":"Clustered Data ONTAP added to Software Versions and Fixes, Storage Replication Adapter for 7-Mode Data ONTAP moved to Products not Affected","date":"20180130","version":"31.0"},{"comment":"OnCommand Shift moved to Won't Fix status","date":"20180315","version":"32.0"},{"comment":"OnCommand Workflow Automation added to Software Versions and Fixes","date":"20180411","version":"33.0"},{"comment":"Clarified NetApp Manageability SDK Software Versions and Fixes information, Clustered Data ONTAP Antivirus Connector moved to Affected Products","date":"20180419","version":"34.0"},{"comment":"NetApp VASA Provider for Clustered Data ONTAP 7.0 and above added to Software Versions and Fixes","date":"20180423","version":"35.0"},{"comment":"OnCommand API Services moved to Products Not Affected","date":"20180522","version":"36.0"},{"comment":"Data ONTAP operating in 7-Mode and Virtual Storage Console for VMware vSphere 6.x REMOVED from Software Versions and Fixes","date":"20180619","version":"37.0"},{"comment":"OnCommand Unified Manager for 7-Mode (core package) added to Software Versions and Fixes","date":"20180621","version":"38.0"},{"comment":"Clustered Data ONTAP Antivirus Connector moved to Products not Affected","date":"20180725","version":"39.0"},{"comment":"NetApp SMI-S Provider moved to Affected Products","date":"20180825","version":"40.0"},{"comment":"NetApp Host Agent moved to Won't Fix status","date":"20181004","version":"41.0"},{"comment":"Data ONTAP operating in 7-Mode added to Workarounds","date":"20181129","version":"42.0"},{"comment":"Data ONTAP operating in 7-Mode added to Software Versions and Fixes","date":"20181204","version":"43.0"},{"comment":"OnCommand Plug-in for Microsoft moved to Products Not Affected","date":"20190128","version":"44.0"},{"comment":"Virtual Storage Console for VMware vSphere 6.x moved to Won't Fix status, Storage Replication Adapter for Clustered Data ONTAP for VMware vSphere 7.2 and above, NetApp VASA Provider for Clustered Data ONTAP 7.2 and above, Virtual Storage Console for VMware vSphere 7.2 and above fix links adjusted to 7.2.1 from 7.0","date":"20190208","version":"45.0"},{"comment":"NetApp VASA Provider for Clustered Data ONTAP 7.2 and above, Virtual Storage Console for VMware vSphere 7.2 and above, Storage Replication Adapter for Clustered Data ONTAP for VMware vSphere 7.2 and above added to Software Versions and Fixes","date":"20190208","version":"46.0"},{"comment":"SnapProtect moved to Won't Fix status","date":"20190531","version":"47.0"},{"comment":"Element Software (formerly SolidFire Element OS) moved to Affected Products","date":"20190705","version":"48.0"},{"comment":"Brocade Network Operating System Firmware, Brocade Network Advisor Software and Brocade Fabric Operating System Firmware added to Software Versions and Fixes","date":"20190726","version":"49.0"},{"comment":"NetApp SMI-S Provider added to Software Versions and Fixes","date":"20190826","version":"50.0"},{"comment":"OnCommand Cloud Manager moved to Affected Products","date":"20200324","version":"51.0"},{"comment":"SnapCenter Plug-in for VMware vSphere added to Software Versions and Fixes","date":"20200403","version":"52.0"},{"comment":"OnCommand Workflow Automation moved to Affected Products","date":"20200505","version":"53.0"},{"comment":"NetApp SolidFire & HCI Storage Node (Element Software) added to Software Versions and Fixes","date":"20200819","version":"54.0"},{"comment":"NetApp Plug-in for Symantec NetBackup moved to Won't Fix status","date":"20210105","version":"55.0"},{"comment":"AFF Baseboard Management Controller (BMC) - A700s added to Software Versions and Fixes","date":"20210216","version":"56.0"},{"comment":"OnCommand Cloud Manager added to Software Versions and Fixes","date":"20210304","version":"57.0"},{"comment":"StorageGRID9 (9.x and prior) moved to Won't Fix status, Final status","date":"20220114","version":"58.0"}],"kb_revised_list":[],"kb_scoring":{"CVE-2016-2183":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"},"kb_scoring_calc":[{"cve_id":"CVE-2016-2183","range":"LOW","score":3.7,"vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"kb_status":"Final","kb_summary":"Multiple NetApp products utilize the TLS protocol. Any system using the TLS protocol with 64-bit block ciphers that are used in long running connections are vulnerable to a birthday attack referred to as SWEET32. When exploited, the vulnerability may lead to the unauthorized disclosure of information. This bulletin will be updated as additional information becomes available.
","kb_title":"CVE-2016-2183 TLS Protocol 64-bit Cipher Vulnerability in Multiple NetApp Products","kb_unaffected_list":["ATTO FibreBridge - 6500N","Cluster Network Switch (NetApp CN1610)","Clustered Data ONTAP Antivirus Connector","E-Series SANtricity Management Plug-ins (VMware VASA (Windows))","E-Series SANtricity Management Plug-ins (VMware vCenter (Linux))","E-Series SANtricity Management Plug-ins (VMware vCenter)","E-Series SANtricity Web Services (REST API) for Web Services Proxy","FAS/AFF BIOS","Host Utilities - SAN for Linux","Host Utilities - SAN for Windows","Management Network Switch (NetApp CN1601)","MetroCluster Tiebreaker for clustered Data ONTAP","NetApp Cloud Backup OST Plug-in (formerly AltaVault OST Plug-in)","NetApp NFS Plug-in for VMware VAAI","NetApp SANtricity SMI-S Provider","NetApp Storage Encryption","OnCommand API Services","OnCommand Balance","OnCommand Performance Manager (Unified Manager Performance Pkg)","OnCommand Plug-in for Microsoft","OnCommand Unified Manager for Clustered Data ONTAP","Single Mailbox Recovery","SnapManager for Hyper-V","SnapManager for Oracle","SnapManager for SAP","SnapManager for Sharepoint","Storage Replication Adapter for Data ONTAP operating in 7-Mode 2.1","Storage Services Connector","System Manager 9.x"],"kb_workarounds":"\r\n- Clustered Data ONTAP: Beginning with version 9.0 ciphers can be manually disabled using the \"security config\" command:
\r\n
\r\n::*> security config modify -supported-ciphers CURRENT_CIPHER_STRING:!3DES:!DES\r\nNote that \"!DES\" is only necessary if \"!LOW\" is not already present, which it is by default.\r\n
\r\n\r\n- Data ONTAP operating in 7-Mode: Beginning with version 8.2.5 the \"high_security.enable\" option will enable only the TLS v1.1 and v1.2 protocols which do not support the 3DES-CBC cipher.
\r\n
\r\n\r\n\r\n\r\n- OnCommand Workflow Automation:
\r\n\r\n- Stop all of the WFA services.
\r\n- Make a backup copy and then edit this file: C:\\Program Files\\NetApp\\WFA\\jboss\\standalone\\configuration\\standalone-full.xml
\r\n- Search for https-listner in the standalone-full.xml file.
\r\n- Remove all of the 3DES cipher suites in the 'enabled-cipher-suites' attribute.
\r\n- Save and close the standalone-full.xml file.
\r\n- Start the WFA services and make sure all the binaries have deployed successfully under the C:\\Program Files\\NetApp\\WFA\\jboss\\standalone\\deployments folder.
\r\n- Run manual acquisition from all the added data sources and ensure that all the acquisitions have finished without any issues.
\r\n
\r\n
","ntap_advisory_id":"NTAP-20160915-0001","adv_id":"ntap-20160915-0001","published_date":"2016-09-15T00:00:00","updated_date":"2022-01-14T00:00:00","inserted_date":"2025-05-27T05:01:21.042000","modified_date":null}}