Description
NetApp OnCommand Unified Manager for Clustered Data ONTAP 6.3 through 6.4P1 contain a default privileged account, which allows remote attackers to execute arbitrary code via unspecified vectors.
References (1)
Core 1
Core References
Patch, Vendor Advisory x_refsource_confirm
https://kb.netapp.com/support/s/article/NTAP-20161017-0002
Scores
CVSS v3
9.8
EPSS
0.0295
EPSS Percentile
85.6%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
Status
published
Products (2)
netapp/oncommand_unified_manager_for_clustered_data_ontap
6.3
netapp/oncommand_unified_manager_for_clustered_data_ontap
6.4 (2 CPE variants)
Published
Feb 07, 2017
Tracked Since
Feb 18, 2026