CyberSec.Space Logo
Back to CVE Browser

CVE-2017-7345

MEDIUM
5.3
CVSS Severity Score
EPSS Score0.1360%
EPSS Percentile22.29th
PublishedApr 10, 2017
Last ModifiedMay 13, 2026

Vulnerability Description

NetApp OnCommand Performance Manager and OnCommand Unified Manager for Clustered Data ONTAP before 7.1P1 improperly bind the Java Management Extension Remote Method Invocation (aka JMX RMI) service to the network, which allows remote attackers to obtain sensitive information via unspecified vectors.

Affected Platforms (CPE)

πŸ“¦
Netapp

Clustered Data Ontap

<= 7.1

References & Advisories

πŸ”— http://www.securityfocus.com/bid/97537
πŸ”— https://kb.netapp.com/support/s/article/NTAP-20170331-0002
πŸ”— http://www.securityfocus.com/bid/97537
πŸ”— https://kb.netapp.com/support/s/article/NTAP-20170331-0002

Related Vulnerabilities

CVE-2016-66679.8

NetApp OnCommand Unified Manager for Clustered Data ONTAP 6.3 through 6.4P1 contain a default privileged account, which allows rem...

CVE-2018-54908.8

Read-Only export policy rules are not correctly enforced in Clustered Data ONTAP 8.3 Release Candidate versions and therefore may ...

CVE-2017-124218.8

NetApp Clustered Data ONTAP 8.3.x before 8.3.2P12 allows remote authenticated users to execute arbitrary code on the storage contr...

CVE-2017-124208.8

Heap-based buffer overflow in the SMB implementation in NetApp Clustered Data ONTAP before 8.3.2P8 and 9.0 before P2 allows remote...