跳转到主内容
NetApp Response to Russia-Ukraine Cyber Threat
In response to the recent rise in cyber threat due to the Russian-Ukraine crisis, NetApp is actively monitoring the global security intelligence and updating our cybersecurity measures. We follow U.S. Federal Government guidance and remain on high alert. Customers are encouraged to monitor the Cybersecurity and Infrastructure Security (CISA) website for new information as it develops and remain on high alert.

允许对集群模式中的 SVM 数据连接使用 CIFS 空会话 Data ONTAP

Views:
25
Visibility:
Public
Votes:
0
Category:
clustered-data-ontap-8
Specialty:
cifs
Last Updated:

适用于

  • 产品型号: V3250
  • 操作系统:集群模式 Data ONTAP 8.2P4 ( 8.2.2RC1 之前的任何集群模式 Data ONTAP 版本)

问题

允许在集群模式 Data ONTAP 中针对 Storage Virtual Machine ( SVM )数据连接使用 CIFS 空会话。

有关详细信息,请参见以下链接:

空会话允许匿名用户与 Windows 或第三方 CIFS 实施(如 Samba 或 Solaris CIFS 服务器)建立未经身份验证的 CIFS 会话。这些匿名用户可能能够枚举本地用户,组,服务器,共享,域,域策略,并且可能能够通过 RPC 函数调用访问各种 MSRPC 服务。这些服务历来受到许多漏洞的影响。攻击者可以通过空会话获得大量信息,这也可能使他们执行更复杂的攻击。

 

Scan to view the article on your device
CUSTOMER EXCLUSIVE CONTENT

Registered NetApp customers get unlimited access to our dynamic Knowledge Base.

New authoritative content is published and updated each day by our team of experts.

Current Customer or Partner?

Sign In for unlimited access

New to NetApp?

Learn more about our award-winning Support