CyberSec.Space Logo
CVEブラウザに戻る

CVE-2017-7345

MEDIUM
5.3
CVSS Severity Score
EPSS Score0.1360%
EPSS Percentile22.29th
Published2017年4月10日
Last Modified2026年5月13日

Vulnerability Description

NetApp OnCommand Performance Manager and OnCommand Unified Manager for Clustered Data ONTAP before 7.1P1 improperly bind the Java Management Extension Remote Method Invocation (aka JMX RMI) service to the network, which allows remote attackers to obtain sensitive information via unspecified vectors.

Affected Platforms (CPE)

📦
Netapp

Clustered Data Ontap

<= 7.1

References & Advisories

🔗 http://www.securityfocus.com/bid/97537
🔗 https://kb.netapp.com/support/s/article/NTAP-20170331-0002
🔗 http://www.securityfocus.com/bid/97537
🔗 https://kb.netapp.com/support/s/article/NTAP-20170331-0002

関連する脆弱性情報

CVE-2016-66679.8

NetApp OnCommand Unified Manager for Clustered Data ONTAP 6.3 through 6.4P1 contain a default privileged account, which allows rem...

CVE-2018-54908.8

Read-Only export policy rules are not correctly enforced in Clustered Data ONTAP 8.3 Release Candidate versions and therefore may ...

CVE-2017-124218.8

NetApp Clustered Data ONTAP 8.3.x before 8.3.2P12 allows remote authenticated users to execute arbitrary code on the storage contr...

CVE-2017-124208.8

Heap-based buffer overflow in the SMB implementation in NetApp Clustered Data ONTAP before 8.3.2P8 and 9.0 before P2 allows remote...