Lenovo Security Advisory: LEN-26771
Potential Impact: Privilege escalation
Severity: High
Scope of Impact: Industry-wide
CVE Identifier: CVE-2019-5490
Summary Description:
Certain versions of the NetApp Service Processor firmware were shipped with a default account enabled that could allow unauthorized arbitrary command execution.
Mitigation Strategy for Customers (what you should do to protect yourself):
NetApp recommends upgrading to the firmware version (or newer) indicated for your model in the Product Impact section below.