Nutanix API Authentication Vulnerability April 2019

It was discovered that functionality exposed by way of our Prism API provided inconsistent authentication requirements depending upon the endpoint being utilized. There are currently no customer reported instances of this exploit. Customers who use automation around Prism APIs may notice authentication issues with existing scripts that utilized the modified endpoints.

Affected Products

This table lists the minimum version where the fix is applied. An update to a version listed below, or any newer release than the version below, will resolve the issue :

ProductIssue Fixed Release version
AOSThe issue is resolved in the following releases or beyond:
5.10.3
5.5.9.1

Workaround No workaround exists for unpatched systems. Nutanix recommends you update to a version listed in this advisory immediately.
For information refer security advisory 13-v1.


….
Thank you
Receive my daily latest post in your e-mail inbox to keep yourself up to date.
Follow me through Single-click Follow button (Sign Up Not Required )

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

Powered by WordPress.com.

Up ↑