CyberSec.Space Logo
Back to CVE Browser

CVE-2008-3349

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0280%
EPSS Percentile33.50th
PublishedJul 28, 2008
Last ModifiedApr 23, 2026

Vulnerability Description

Multiple unspecified vulnerabilities in NetApp Data ONTAP, as used on NetApp and IBM eServer platforms, allow remote attackers to execute arbitrary commands, cause a denial of service (system crash), or obtain sensitive information, probably related to insufficient access control for HTTP requests. NOTE: this may overlap CVE-2008-3160.

Affected Platforms (CPE)

πŸ’»
Netapp

Data Ontap

All versions

References & Advisories

πŸ”— http://now.netapp.com/NOW/products/cpc/cpc0807-01.shtml
πŸ”— http://now.netapp.com/NOW/products/cpc/cpc0807-02.shtml
πŸ”— http://now.netapp.com/NOW/products/cpc/cpc0807-03.shtml
πŸ”— http://www.kb.cert.org/vuls/id/329772
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/44265
πŸ”— http://now.netapp.com/NOW/products/cpc/cpc0807-01.shtml
πŸ”— http://now.netapp.com/NOW/products/cpc/cpc0807-02.shtml
πŸ”— http://now.netapp.com/NOW/products/cpc/cpc0807-03.shtml

Related Vulnerabilities

CVE-2008-096010.0

SNMPv3 HMAC verification in (1) Net-SNMP 5.2.x before 5.2.4.1, 5.3.x before 5.3.2.1, and 5.4.x before 5.4.1.1; (2) UCD-SNMP; (3) e...

CVE-2008-316010.0

Multiple unspecified vulnerabilities in IBM Data ONTAP 7.1 before 7.1.3, as used by IBM System Storage N series Filer and IBM Syst...

CVE-2015-77469.8

NetApp Data ONTAP before 8.2.4, when operating in 7-Mode, allows remote attackers to bypass authentication and (1) obtain sensitiv...

CVE-2016-66679.8

NetApp OnCommand Unified Manager for Clustered Data ONTAP 6.3 through 6.4P1 contain a default privileged account, which allows rem...