PT-2017-12030 · Netapp · Netapp Oncommand Unified Manager For 7-Mode

Published

2017-11-09

Updated

2017-11-30

CVE-2017-11461

CVSS v2.0

4.3

Medium

Vector

AV:N/AC:M/Au:N/C:N/I:P/A:N

Name of the Vulnerable Software and Affected Versions NetApp OnCommand Unified Manager for 7-mode (core package) versions prior to 5.2.1

Description The issue allows for a clickjacking or "UI redress attack" that could cause a user to perform an unintended action in the user interface.

Recommendations For versions prior to 5.2.1, update to version 5.2.1 or later to resolve the issue.

Fix

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-20

Related Identifiers

CVE-2017-11461

Affected Products

Netapp Oncommand Unified Manager For 7-Mode

PT-2017-12030 · Netapp · Netapp Oncommand Unified Manager For 7-Mode

CVE-2017-11461

Weakness Enumeration

Related Identifiers

Affected Products

References · 4