Authentication Bypass Vulnerability in NetApp SnapCenter Server
CVE-2016-1502

7.3HIGH

Key Information:

Vendor: Netapp
Status: Snapcenter Server
Vendor: CVE Published:; 7 February 2017

Summary

NetApp SnapCenter Server versions 1.0 and 1.0P1 are susceptible to an authentication bypass vulnerability, allowing remote attackers to interact with the system without proper authorization. This exploitation can lead to unauthorized access, enabling attackers to list and delete backups through unspecified vectors, potentially compromising backup integrity and availability.

References

https://kb.netapp.com/support/s/article/authentication-by...

x_refsource_CONFIRM

CVSS V3.1

Score:

7.3

Severity:

HIGH

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Feb 7, 2017
Vulnerability Reserved
Jan 7, 2016