CVEブラウザに戻る

CVE-2008-3349

CRITICAL

10.0

CVSS Severity Score

EPSS Score0.0280%

EPSS Percentile33.50th

Published2008年7月28日

Last Modified2026年4月23日

Vulnerability Description

Multiple unspecified vulnerabilities in NetApp Data ONTAP, as used on NetApp and IBM eServer platforms, allow remote attackers to execute arbitrary commands, cause a denial of service (system crash), or obtain sensitive information, probably related to insufficient access control for HTTP requests. NOTE: this may overlap CVE-2008-3160.

Affected Platforms (CPE)

💻

Netapp

Data Ontap

All versions

References & Advisories

🔗 http://now.netapp.com/NOW/products/cpc/cpc0807-01.shtml

🔗 http://now.netapp.com/NOW/products/cpc/cpc0807-02.shtml

🔗 http://now.netapp.com/NOW/products/cpc/cpc0807-03.shtml

🔗 http://www.kb.cert.org/vuls/id/329772

🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/44265

🔗 http://now.netapp.com/NOW/products/cpc/cpc0807-01.shtml

🔗 http://now.netapp.com/NOW/products/cpc/cpc0807-02.shtml

🔗 http://now.netapp.com/NOW/products/cpc/cpc0807-03.shtml

関連する脆弱性情報

CVE-2008-096010.0

SNMPv3 HMAC verification in (1) Net-SNMP 5.2.x before 5.2.4.1, 5.3.x before 5.3.2.1, and 5.4.x before 5.4.1.1; (2) UCD-SNMP; (3) e...

CVE-2008-316010.0

Multiple unspecified vulnerabilities in IBM Data ONTAP 7.1 before 7.1.3, as used by IBM System Storage N series Filer and IBM Syst...

CVE-2015-77469.8

NetApp Data ONTAP before 8.2.4, when operating in 7-Mode, allows remote attackers to bypass authentication and (1) obtain sensitiv...

CVE-2016-66679.8

NetApp OnCommand Unified Manager for Clustered Data ONTAP 6.3 through 6.4P1 contain a default privileged account, which allows rem...