PT-2017-18020 · Netapp · Netapp Clustered Data Ontap

Publicado

2017-07-17

Atualizado

2017-08-08

CVE-2017-7947

CVSS v3.1

6.5

Média

Vetor

AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions NetApp Clustered Data ONTAP versions prior to 8.3.2P11 NetApp Clustered Data ONTAP version 9.0 before P4 NetApp Clustered Data ONTAP version 9.1 before P5

Description The issue allows attackers to obtain sensitive password information. This is achieved by leveraging the logging of passwords entered non-interactively on the command line.

Recommendations For versions prior to 8.3.2P11, update to version 8.3.2P11 or later. For version 9.0 before P4, update to version 9.0 P4 or later. For version 9.1 before P5, update to version 9.1 P5 or later.

Correção

Information Disclosure

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-200

Identificadores relacionados

CVE-2017-7947

Produtos afetados

Netapp Clustered Data Ontap

PT-2017-18020 · Netapp · Netapp Clustered Data Ontap

CVE-2017-7947

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 3