Code injection

2017-02-0717:59:00

PRIOn knowledge base

www.prio-n.com

8.3 High

AI Score

Confidence

Low

0.011 Low

EPSS

Percentile

84.6%

JSON

NetApp OnCommand Unified Manager for Clustered Data ONTAP 6.3 through 6.4P1 contain a default privileged account, which allows remote attackers to execute arbitrary code via unspecified vectors.

CPENameOperatorVersion
oncommand_unified_manager_for_clustered_data_ontapeq6.4 p1
oncommand_unified_manager_for_clustered_data_ontapeq6.3
oncommand_unified_manager_for_clustered_data_ontapeq6.4

Name	Operator	Version
oncommand_unified_manager_for_clustered_data_ontap	eq	6.4 p1
oncommand_unified_manager_for_clustered_data_ontap	eq	6.3
oncommand_unified_manager_for_clustered_data_ontap	eq	6.4

References

kb.netapp.com/support/s/article/NTAP-20161017-0002