CVE-2016-7171
MEDIUMNetapp Plug-in < 2.0 - Improper Certificate Validation
Title source: ruleDescription
NetApp Plug-in for Symantec NetBackup prior to version 2.0.1 makes use of a non-unique server certificate, making it vulnerable to impersonation.
Scores
CVSS v3
5.6
EPSS
0.0018
EPSS Percentile
39.0%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
Classification
CWE
CWE-295
Status
published
Affected Products (2)
netapp/netapp_plug-in
< 2.0
n/a/n/a
Timeline
Published
Dec 05, 2016
Tracked Since
Feb 18, 2026