exploitDog

CVE-2016-7171

Опубликовано: 05 дек. 2016

Источник: nvd

CVSS3: 5.6

CVSS2: 6.8

EPSS Низкий

Описание

NetApp Plug-in for Symantec NetBackup prior to version 2.0.1 makes use of a non-unique server certificate, making it vulnerable to impersonation.

Ссылки

http://www.securityfocus.com/bid/94659
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1037391
Third Party Advisory
VDB Entry
https://kb.netapp.com/support/s/article/NTAP-20161129-0001
Patch
Vendor Advisory
http://www.securityfocus.com/bid/94659
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1037391
Third Party Advisory
VDB Entry
https://kb.netapp.com/support/s/article/NTAP-20161129-0001
Patch
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:netapp:netapp_plug-in:*:*:*:*:*:*:netbackup:*

Версия до 2.0 (включая)

EPSS

Процентиль: 39%

0.00177

Низкий

5.6 Medium

CVSS3

6.8 Medium

CVSS2

Дефекты

CWE-295

Связанные уязвимости

GHSA-x4mp-4v4c-7jxp

CVSS3: 5.6

github

больше 3 лет назад

NetApp Plug-in for Symantec NetBackup prior to version 2.0.1 makes use of a non-unique server certificate, making it vulnerable to impersonation.

EPSS

Процентиль: 39%

0.00177

Низкий

5.6 Medium

CVSS3

6.8 Medium

CVSS2

Дефекты

CWE-295