CVE-2015-7886

CWE-200 — Information Exposure3 documents3 sources

Severity

3.7LOW

EPSS

0.4%

top 39.80%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Netapp Data Ontap

Timeline

PublishedJan 18

Latest updateMay 17

Description

NetApp Data ONTAP before 8.2.4P1, when 7-Mode and HTTP access are enabled, allows remote attackers to obtain sensitive volume information via unspecified vectors.

CVSS vector

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:NExploitability: 2.2 | Impact: 1.4

Affected Packages1 packages

▶NVDnetapp/data_ontap8.2.4

Patches

Patch: kb.netapp.com ↗Patch: kb.netapp.com ↗

🔴Vulnerability Details

GHSA

GHSA-7xm4-pq46-5wp2: NetApp Data ONTAP before 8↗2022-05-17

▶

CVEList

CVE-2015-7886: NetApp Data ONTAP before 8↗2016-01-18

▶