Vigil@nce - NetApp Data ONTAP: read-write access via 7-Mode UTF-8
May 2016 by Vigil@nce
This bulletin was written by Vigil@nce : https://vigilance.fr/offer
SYNTHESIS OF THE VULNERABILITY
An attacker can bypass access restrictions of NetApp Data ONTAP in
7-Mode with UTF-8, in order to read or alter data.
Impacted products: Data ONTAP.
Severity: 2/4.
Creation date: 21/03/2016.
DESCRIPTION OF THE VULNERABILITY
The NetApp Data ONTAP product can be configured in 7-Mode, with
".UTF-8" appended to the volume language.
However, in this case, an attacker can bypass access restrictions
to data. Technical details are unknown.
An attacker can therefore bypass access restrictions of NetApp
Data ONTAP in 7-Mode with UTF-8, in order to read or alter data.
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
https://vigilance.fr/vulnerability/NetApp-Data-ONTAP-read-write-access-via-7-Mode-UTF-8-19200