Lenovo Security Advisory: LEN-30687
Potential Impact: Unauthorized arbitrary command execution
Scope of Impact: Industry-wide
CVE Identifier: CVE-2019-17274
NetApp reported a vulnerability in FAS 8300/8700 and AFF A400 Baseboard Management Controller (BMC) firmware versions 13.x prior to 13.1P1 that may allow unauthorized arbitrary command execution via local access.
Mitigation Strategy for Customers (what you should do to protect yourself):
NetApp recommends updating to the appropriate FAS 8300/8700 and AFF A400 Baseboard Management Controller (BMC) firmware version for your product as indicated in the Product Impact section below.