CVE-2017-7947Sensitive Information Exposure in Clustered Data Ontap

CWE-200Sensitive Information Exposure3 documents3 sources
Severity
6.5MEDIUMNVD
EPSS
0.3%
top 47.51%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Netapp Clustered Data Ontap
Timeline
PublishedJul 17
Latest updateMay 17

Description

NetApp Clustered Data ONTAP before 8.3.2P11, 9.0 before P4, and 9.1 before P5 allow attackers to obtain sensitive password information by leveraging logging of passwords entered non-interactively on the command line.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:NExploitability: 2.8 | Impact: 3.6

Affected Packages1 packages

NVDnetapp/clustered_data_ontap8.3.2, 9.0, 9.1+2

🔴Vulnerability Details

2
GHSA
GHSA-fmqx-hm4f-mfj9: NetApp Clustered Data ONTAP before 82022-05-17
CVEList
CVE-2017-7947: NetApp Clustered Data ONTAP before 82017-07-17
CVE-2017-7947 — Sensitive Information Exposure | cvebase