NetApp OnCommand Performance Manager and OnCommand Unified Manager for Clustered Data ONTAP before 7.1P1 improperly bind the Java Management Extension Remote Method Invocation (aka JMX RMI) service to the network, which allows remote attackers to obtain sensitive information via unspecified vectors.
References
Link | Resource |
---|---|
http://www.securityfocus.com/bid/97537 | Third Party Advisory VDB Entry |
https://kb.netapp.com/support/s/article/NTAP-20170331-0002 | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2017-04-10T15:00:00
Updated: 2017-11-15T13:57:01
Reserved: 2017-03-30T00:00:00
Link: CVE-2017-7345
JSON object: View
NVD Information
Status : Analyzed
Published: 2017-04-10T15:59:00.580
Modified: 2017-04-17T13:52:29.813
Link: CVE-2017-7345
JSON object: View
Redhat Information
No data.
CWE