CVE-2018-5489
MEDIUMNetApp 7-Mode Transition Tool <2.0 - Privilege Escalation
Title source: llmDescription
NetApp 7-Mode Transition Tool allows users with valid credentials to access functions and information which may have been intended to be restricted to administrators or privileged users. 7MTT versions below 2.0 do not enforce user authorization rules on file information and status that it has previously collected. The released version of 7MTT has been updated to maintain and verify authorization rules for file information, status and utilities.
References (1)
Core 1
Core References
Vendor Advisory x_refsource_confirm
https://security.netapp.com/advisory/ntap-20150323-0001/
Scores
CVSS v3
6.5
EPSS
0.0019
EPSS Percentile
41.0%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Details
CWE
CWE-863
Status
published
Products (1)
netapp/7-mode_transition_tool
< 2.0
Published
Aug 03, 2018
Tracked Since
Feb 18, 2026