CVE-2016-6904

HIGH

8.1

CVSS Severity Score

EPSS Score0.0800%

EPSS Percentile11.55th

Published2017年12月11日

Last Modified2026年5月13日

Vulnerability Description

Versions of VASA Provider for Clustered Data ONTAP prior to 7.0P1 contain a web server that accepts plain text authentication. This could allow an unauthenticated attacker to obtain authentication credentials.

Affected Platforms (CPE)

📦

Netapp

Vasa Provider

<= 7.0

References & Advisories

🔗 https://security.netapp.com/advisory/ntap-20171208-0002/

関連する脆弱性情報

CVE-2017-49979.8

EMC VASA Provider Virtual Appliance versions 8.3.x and prior has an unauthenticated remote code execution vulnerability that could...

CVE-2018-11839.8

In Dell EMC Unisphere for VMAX Virtual Appliance versions prior to 8.4.0.8, Dell EMC Solutions Enabler Virtual Appliance versions ...

CVE-2016-103810.0

Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader...

CVE-2016-104110.0

Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader...