CVSS 3.1 Score 7.5 of 10 (high)


Published Oct 12, 2023
Updated: Oct 18, 2023
CWE ID 400


CVE-2023-27314 is a vulnerability affecting ONTAP 9 versions prior to 9.8P19, 9.9.1P16, 9.10.1P12, 9.11.1P8, 9.12.1P2, and 9.13.1, which could allow a remote unauthenticated attacker to cause a crash of the HTTP service. The vulnerability has a risk score of 25 and a base severity of HIGH according to the CVSS v3 scoring system. The affected products include iRxnDO, iRxnDP, iRxnDM, iRxnDN, bwGWYb, iRxnDK, iRxnDL, bwGWYa, and many others. To remediate the vulnerability, it is recommended to upgrade to ONTAP versions 9.8P19, 9.9.1P16, 9.10.1P12, 9.11.1P8, 9.12.1P2 or 9.13.1 or later versions as they contain the necessary security patches to address the issue of potential crashes in the HTTP service caused by remote attackers exploiting the vulnerability.

Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2023-27314 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options