CVE-2017-15519

Versions of SnapCenter 2.0 through 3.0.1 allow unauthenticated remote attackers to view and modify backup related data via the Plug-in for NAS File Services. All users are urged to move to version 3.0.1 and perform the mitigation steps or upgrade to 4.0 following the product documentation.

Published : 2018-03-06 20:29 Updated : 2019-10-03 00:03

6.4
CVSS Score More info
Score 6.4 / 10
6.4
Vendor Product Version URI
Netapp Snapcenter Server 2.0 cpe:/a:netapp:snapcenter_server:2.0
Netapp Snapcenter Server 3.0 cpe:/a:netapp:snapcenter_server:3.0
Netapp Snapcenter Server 3.0.1 cpe:/a:netapp:snapcenter_server:3.0.1
  1. Netapp (1) Search CVE
    1. Snapcenter Server (3) Search CVE
      1. 2.0
      2. 3.0
      3. 3.0.1

CWE

ID Name Description Links
CWE-287 Improper Authentication When an actor claims to have a given identity, the software does not prove or insufficiently proves that the claim is correct. CVE

History of changes

Date Event
2019-10-03 00:03
2018-03-27 17:51
2018-03-06 20:29

New CVE