Headline
CVE-2021-26987: CVE-2021-26987 SpringBoot Framework Remote Code Execution Vulnerability in Management Software for Element Software and NetApp HCI
Element Plug-in for vCenter Server incorporates SpringBoot Framework. SpringBoot Framework versions prior to 1.3.2 are susceptible to a vulnerability which when successfully exploited could lead to Remote Code Execution. All versions of Element Plug-in for vCenter Server, Management Services versions prior to 2.17.56 and Management Node versions through 12.2 contain vulnerable versions of SpringBoot Framework.
- Home
- Advisory
- CVE-2021-26987 SpringBoot Framework Remote Code Execution Vulnerability in Management Software for Element Software and NetApp HCI
circle-info NetApp will continue to update this advisory as additional information becomes available.
This advisory should be considered the single source of current, up-to-date, authorized and accurate information from NetApp regarding Full Support products and versions.
Advisory ID: NTAP-20210315-0001 Version: 1.0 Last updated: 03/15/2021 Status: Interim. CVEs: CVE-2021-26987
This document is provided solely for informational purposes. All information is based upon NetApp’s current knowledge and understanding of the hardware and software products tested by NetApp, and the methodology and assumptions used by NetApp. NetApp is not responsible for any errors or omissions that may be contained herein, and no warranty, representation, or other legal commitment or obligation is being provided by NetApp. © 2022 NetApp, Inc. All rights reserved. No portions of this document may be reproduced without prior written consent of NetApp, Inc.