Authentication Bypass Vulnerability in NetApp SnapCenter Server
CVE-2016-1502

7.3HIGH

Key Information:

Vendor: Netapp
Status: Snapcenter Server
Vendor: CVE Published:; 7 February 2017

What is CVE-2016-1502?

NetApp SnapCenter Server versions 1.0 and 1.0P1 are susceptible to an authentication bypass vulnerability, allowing remote attackers to interact with the system without proper authorization. This exploitation can lead to unauthorized access, enabling attackers to list and delete backups through unspecified vectors, potentially compromising backup integrity and availability.

References

https://kb.netapp.com/support/s/article/authentication-by...

x_refsource_CONFIRM

CVSS V3.1

Score:

7.3

Severity:

HIGH

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 7, 2017
Vulnerability Reserved
Jan 7, 2016

Netapp

What is CVE-2016-1502?

References

CVSS V3.1

Timeline