Remote Credential Exposure in NetApp OnCommand System Manager
CVE-2016-5045

8.1HIGH

Key Information:

Vendor: Netapp
Status: Oncommand System Manager
Vendor: CVE Published:; 3 July 2017

Summary

NetApp OnCommand System Manager prior to version 9.0 contains a vulnerability that allows remote attackers to gain unauthorized access to sensitive credentials through specific configurations related to cluster peering setup. This exposure could lead to significant security risks if exploited by malicious actors.

References

https://kb.netapp.com/support/s/article/ka51A00000007OTQA...

x_refsource_CONFIRM

CVSS V3.1

Score:

8.1

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jul 3, 2017
Vulnerability Reserved
May 24, 2016