CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2017-8919

NetApp OnCommand API Services before 1.2P3 logs the LDAP BIND password when a user attempts to log in using the REST API, which allows remote authenticated users to obtain sensitive password information via unspecified vectors.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 44.1%

CVSS Severity

CVSS v3 Score 6.5

CVSS v2 Score 4.0

References

http://www.securityfocus.com/bid/99957
https://kb.netapp.com/support/s/article/ka51A0000008Spy/NTAP-20170718-0001
http://www.securityfocus.com/bid/99957
https://kb.netapp.com/support/s/article/ka51A0000008Spy/NTAP-20170718-0001

Products affected by CVE-2017-8919

Netapp » Oncommand Api Services » Version: N/A

cpe:2.3:a:netapp:oncommand_api_services:-
Netapp » Oncommand Api Services » Version: 1.0

cpe:2.3:a:netapp:oncommand_api_services:1.0
Netapp » Oncommand Api Services » Version: 1.1

cpe:2.3:a:netapp:oncommand_api_services:1.1
Netapp » Oncommand Api Services » Version: 1.2

cpe:2.3:a:netapp:oncommand_api_services:1.2

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2017-8919

Products

Pricing

Contact Us