CyberSec.Space Logo
CVEブラウザに戻る

CVE-2017-12421

HIGH
8.8
CVSS Severity Score
EPSS Score0.1380%
EPSS Percentile40.77th
Published2017年9月1日
Last Modified2026年5月13日

Vulnerability Description

NetApp Clustered Data ONTAP 8.3.x before 8.3.2P12 allows remote authenticated users to execute arbitrary code on the storage controller via unspecified vectors.

Affected Platforms (CPE)

📦
Netapp

Clustered Data Ontap

= 8.3
📦
Netapp

Clustered Data Ontap

= 8.3.1
📦
Netapp

Clustered Data Ontap

= 8.3.2
📦
Netapp

Clustered Data Ontap

= 8.3.2p11

References & Advisories

🔗 https://kb.netapp.com/support/s/article/NTAP-20170831-0002
🔗 https://kb.netapp.com/support/s/article/NTAP-20170831-0002

関連する脆弱性情報

CVE-2016-66679.8

NetApp OnCommand Unified Manager for Clustered Data ONTAP 6.3 through 6.4P1 contain a default privileged account, which allows rem...

CVE-2018-54908.8

Read-Only export policy rules are not correctly enforced in Clustered Data ONTAP 8.3 Release Candidate versions and therefore may ...

CVE-2017-124208.8

Heap-based buffer overflow in the SMB implementation in NetApp Clustered Data ONTAP before 8.3.2P8 and 9.0 before P2 allows remote...

CVE-2016-69048.1

Versions of VASA Provider for Clustered Data ONTAP prior to 7.0P1 contain a web server that accepts plain text authentication. Thi...