CVE-2017-7947

MEDIUM

NetApp Clustered Data ONTAP Password Exposure via Command-Line Logging

Title source: llm
STIX 2.1

Description

NetApp Clustered Data ONTAP before 8.3.2P11, 9.0 before P4, and 9.1 before P5 allow attackers to obtain sensitive password information by leveraging logging of passwords entered non-interactively on the command line.

References (1)

Core 1
Core References

Scores

CVSS v3 6.5
EPSS 0.0130
EPSS Percentile 66.9%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Details

CWE
CWE-200
Status published
Products (3)
netapp/clustered_data_ontap 8.3.2 p10
netapp/clustered_data_ontap 9.0 p3
netapp/clustered_data_ontap 9.1 p4
Published Jul 17, 2017
Tracked Since Feb 18, 2026