CVE-2016-5372: CSRF
First published: Tue Feb 07 2017(Updated: )
Cross-site request forgery (CSRF) vulnerability in NetApp Snap Creator Framework before 4.3.0P1 allows remote attackers to hijack the authentication of users for requests that have unspecified impact via unknown vectors.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| NetApp Snap Creator Framework | <=4.3.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2016-5372?
CVE-2016-5372 is considered a medium severity cross-site request forgery (CSRF) vulnerability.
How do I fix CVE-2016-5372?
To fix CVE-2016-5372, upgrade to NetApp Snap Creator Framework version 4.3.0P1 or later.
What types of attacks are possible with CVE-2016-5372?
CVE-2016-5372 allows remote attackers to hijack the authentication of users through CSRF attacks.
Who is affected by CVE-2016-5372?
Any users of NetApp Snap Creator Framework versions earlier than 4.3.0P1 are affected by CVE-2016-5372.
When was CVE-2016-5372 disclosed?
CVE-2016-5372 was disclosed on June 22, 2016.
- collector/nvd-index
- agent/references
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/author
- agent/severity
- agent/weakness
- agent/softwarecombine
- agent/event
- agent/description
- agent/first-publish-date
- agent/tags
- agent/source
- vendor/netapp
- canonical/netapp snap creator framework
- version/netapp snap creator framework/4.3.0