CVE-2016-1502

HIGH

NetApp SnapCenter Server <1.0P1 - Auth Bypass

Title source: llm

Description

NetApp SnapCenter Server 1.0 and 1.0P1 allows remote attackers to partially bypass authentication and then list and delete backups via unspecified vectors.

References (1)

[Patch, Vendor Advisory] https://kb.netapp.com/support/s/article/authentication-bypass-vulnerability-in-snapcenter-server-1-0-1-0p1

Scores

CVSS v3 7.3

EPSS 0.0021

EPSS Percentile 43.5%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Classification

CWE

CWE-287

Status draft

Affected Products (2)

netapp/snapcenter_server

Timeline

Published Feb 07, 2017

Tracked Since Feb 18, 2026