CVE-2016-6904
published 2017-12-11CVE-2016-6904: Versions of VASA Provider for Clustered Data ONTAP prior to 7.0P1 contain a web server that accepts plain text authentication. This could allow an…
high8.1CVSS 3.0
AVNACHPRNUINSUCHIHAH
Versions of VASA Provider for Clustered Data ONTAP prior to 7.0P1 contain a web server that accepts plain text authentication. This could allow an unauthenticated attacker to obtain authentication credentials.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| netapp | vasa_provider | <= 7.0 | — |
| netapp | vasa_provider_for_clustered_data_ontap | — | — |