CVE-2017-5201

Published: Nov 10, 2017Modified: May 13, 2026

5.7

Vector

CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Exploitability: 2.1 / Impact: 3.6

Source: NVD

Description

NetApp Clustered Data ONTAP before 8.3.2P8 and 9.0 before P2 allow remote authenticated users to obtain sensitive cluster and tenant information via unspecified vectors, a different vulnerability than CVE-2016-3064.

Affected (3)

Products: Netapp: Clustered Data Ontap

Netapp

1 product

Clustered Data Ontap

Configuration A

3 vulnerable

Vulnerable Software	Affected Versions
Netapp Clustered Data Ontap	Before 8.3.2
Netapp Clustered Data Ontap	Version 9.0
Netapp Clustered Data Ontap	Version 9.0 p1

Related CWEs

CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

References (4)

http://www.securityfocus.com/bid/101776

Source: cve@mitre.org

Third Party AdvisoryVDB Entry

https://security.netapp.com/advisory/ntap-20170809-0001/

Source: cve@mitre.org

Issue TrackingVendor Advisory

http://www.securityfocus.com/bid/101776

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

https://security.netapp.com/advisory/ntap-20170809-0001/

Source: af854a3a-2127-422b-91ae-364da2661108

Issue TrackingVendor Advisory

Timeline

No history available yet.