CVE-2016-6904

Summary

Versions of VASA Provider for Clustered Data ONTAP prior to 7.0P1 contain a web server that accepts plain text authentication. This could allow an unauthenticated attacker to obtain authentication credentials.

Affected Software

VendorProductVersion RangeStatus
NetAppVASA Provider for Clustered Data ONTAPVersions prior to 7.0P1affected

Weaknesses

  • Plain text authentication

ADP Enrichment

CVE Program Container

Additional References

References