Cross-Site Request Forgery Vulnerability in NetApp Snap Creator Framework
CVE-2016-5372

6.3MEDIUM

Key Information:

Vendor
Netapp
Status
Snap Creator Framework
Vendor
CVE Published:
7 February 2017

Summary

A Cross-Site Request Forgery (CSRF) vulnerability exists in the NetApp Snap Creator Framework, affecting versions prior to 4.3.0P1. This flaw enables remote attackers to exploit the authentication process of users, potentially leading to unauthorized actions without their consent. The vulnerability arises from unspecified vectors, posing a risk to the integrity of user requests. Organizations using affected versions are urged to apply the necessary updates to safeguard their systems.

References

https://security.netapp.com/advisory/ntap-20160622-0001/
x_refsource_CONFIRM
https://kb.netapp.com/support/s/article/cve-2016-5372-cro...
x_refsource_CONFIRM

CVSS V3.1

Score:
6.3
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
CVE-2016-5372 : Cross-Site Request Forgery Vulnerability in NetApp Snap Creator Framework | SecurityVulnerability.io