CyberSec.Space Logo
Back to CVE Browser

CVE-2017-12420

HIGH
8.8
CVSS Severity Score
EPSS Score0.1230%
EPSS Percentile17.77th
PublishedAug 18, 2017
Last ModifiedMay 13, 2026

Vulnerability Description

Heap-based buffer overflow in the SMB implementation in NetApp Clustered Data ONTAP before 8.3.2P8 and 9.0 before P2 allows remote authenticated users to cause a denial of service or execute arbitrary code.

Affected Platforms (CPE)

πŸ“¦
Netapp

Clustered Data Ontap

<= 8.3.2
πŸ“¦
Netapp

Clustered Data Ontap

<= 9.0

References & Advisories

πŸ”— http://www.securityfocus.com/bid/100429
πŸ”— https://kb.netapp.com/support/s/article/NTAP-20170814-0001
πŸ”— http://www.securityfocus.com/bid/100429
πŸ”— https://kb.netapp.com/support/s/article/NTAP-20170814-0001

Related Vulnerabilities

CVE-2016-66679.8

NetApp OnCommand Unified Manager for Clustered Data ONTAP 6.3 through 6.4P1 contain a default privileged account, which allows rem...

CVE-2017-124218.8

NetApp Clustered Data ONTAP 8.3.x before 8.3.2P12 allows remote authenticated users to execute arbitrary code on the storage contr...

CVE-2018-54908.8

Read-Only export policy rules are not correctly enforced in Clustered Data ONTAP 8.3 Release Candidate versions and therefore may ...

CVE-2016-69048.1

Versions of VASA Provider for Clustered Data ONTAP prior to 7.0P1 contain a web server that accepts plain text authentication. Thi...