CyberSec.Space Logo
Back to CVE Browser

CVE-2017-12421

HIGH
8.8
CVSS Severity Score
EPSS Score0.1380%
EPSS Percentile40.77th
PublishedSep 1, 2017
Last ModifiedMay 13, 2026

Vulnerability Description

NetApp Clustered Data ONTAP 8.3.x before 8.3.2P12 allows remote authenticated users to execute arbitrary code on the storage controller via unspecified vectors.

Affected Platforms (CPE)

πŸ“¦
Netapp

Clustered Data Ontap

= 8.3
πŸ“¦
Netapp

Clustered Data Ontap

= 8.3.1
πŸ“¦
Netapp

Clustered Data Ontap

= 8.3.2
πŸ“¦
Netapp

Clustered Data Ontap

= 8.3.2p11

References & Advisories

πŸ”— https://kb.netapp.com/support/s/article/NTAP-20170831-0002
πŸ”— https://kb.netapp.com/support/s/article/NTAP-20170831-0002

Related Vulnerabilities

CVE-2016-66679.8

NetApp OnCommand Unified Manager for Clustered Data ONTAP 6.3 through 6.4P1 contain a default privileged account, which allows rem...

CVE-2018-54908.8

Read-Only export policy rules are not correctly enforced in Clustered Data ONTAP 8.3 Release Candidate versions and therefore may ...

CVE-2017-124208.8

Heap-based buffer overflow in the SMB implementation in NetApp Clustered Data ONTAP before 8.3.2P8 and 9.0 before P2 allows remote...

CVE-2016-69048.1

Versions of VASA Provider for Clustered Data ONTAP prior to 7.0P1 contain a web server that accepts plain text authentication. Thi...