Vulnerability Description
Element Plug-in for vCenter Server versions prior to 4.2.3 may disclose sensitive account information to an unauthenticated attacker. NetApp HCI Compute Node versions prior to 1.4P2 bundle affected versions of Element Plug-in for vCenter Server.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Netapp | Hyper Converged Infrastructure Compute Node | <= 1.4 |
| Netapp | Element Plug-In For Vcenter Server | < 4.2.3 |
References
- http://www.securityfocus.com/bid/108105Third Party Advisory
- https://security.netapp.com/advisory/ntap-20190426-0001/Vendor Advisory
- http://www.securityfocus.com/bid/108105Third Party Advisory
- https://security.netapp.com/advisory/ntap-20190426-0001/Vendor Advisory
FAQ
What is CVE-2019-5492?
CVE-2019-5492 is a vulnerability with a CVSS score of 7.5 (HIGH). Element Plug-in for vCenter Server versions prior to 4.2.3 may disclose sensitive account information to an unauthenticated attacker. NetApp HCI Compute Node versions prior to 1.4P2 bundle affected ve...
How severe is CVE-2019-5492?
CVE-2019-5492 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2019-5492?
Check the references section above for vendor advisories and patch information. Affected products include: Netapp Hyper Converged Infrastructure Compute Node, Netapp Element Plug-In For Vcenter Server.