CVE-2017-14583 — Improper Input Validation in Clustered Data Ontap

CWE-20 — Improper Input Validation3 documents3 sources

Severity

6.5MEDIUMNVD

EPSS

0.3%

top 47.07%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Netapp Clustered Data Ontap

Timeline

PublishedDec 18

Latest updateMay 14

Description

NetApp Clustered Data ONTAP versions 9.x prior to 9.1P10 and 9.2P2 are susceptible to a vulnerability which allows an attacker to cause a Denial of Service (DoS) in SMB environments.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 2.8 | Impact: 3.6

Affected Packages1 packages

▶NVDnetapp/clustered_data_ontap9.0 — 9.1+1

🔴Vulnerability Details

GHSA

GHSA-vmww-23ch-vw46: NetApp Clustered Data ONTAP versions 9↗2022-05-14

▶

CVEList

CVE-2017-14583: NetApp Clustered Data ONTAP versions 9↗2017-12-18

▶