CVE-2017-15519

Versions of SnapCenter 2.0 through 3.0.1 allow unauthenticated remote attackers to view and modify backup related data via the Plug-in for NAS File Services. All users are urged to move to version 3.0.1 and perform the mitigation steps or upgrade to 4.0 following the product documentation.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.2 HIGH
NETWORK
LOW
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
netappCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 60%
VendorProductVersion
netappsnapcenter_server
2.0 ≤
𝑥
≤ 3.0.1
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://security.netapp.com/advisory/ntap-20180306-0001/
https://security.netapp.com/advisory/ntap-20180306-0001/