CVE-2017-15519
First published: Tue Mar 06 2018(Updated: )
Versions of SnapCenter 2.0 through 3.0.1 allow unauthenticated remote attackers to view and modify backup related data via the Plug-in for NAS File Services. All users are urged to move to version 3.0.1 and perform the mitigation steps or upgrade to 4.0 following the product documentation.
Credit: security-alert@netapp.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| NetApp SnapCenter Server | >=2.0<=3.0.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2017-15519?
CVE-2017-15519 is a vulnerability in SnapCenter 2.0 through 3.0.1 that allows unauthenticated remote attackers to view and modify backup related data via the Plug-in for NAS File Services.
How can the vulnerability be exploited?
The vulnerability can be exploited by unauthenticated remote attackers who can view and modify backup related data via the Plug-in for NAS File Services.
What is the severity of CVE-2017-15519?
The severity of CVE-2017-15519 is high with a CVSS score of 7.2.
Which versions of SnapCenter are affected by CVE-2017-15519?
Versions of SnapCenter 2.0 through 3.0.1 are affected by CVE-2017-15519.
What should users do to mitigate the vulnerability in SnapCenter?
All users are urged to move to version 3.0.1 and perform the mitigation steps or upgrade to 4.0 following the product documentation.
- collector/nvd-index
- agent/weakness
- agent/references
- agent/tags
- agent/severity
- agent/author
- agent/description
- agent/type
- agent/event
- agent/softwarecombine
- agent/first-publish-date
- agent/last-modified-date
- collector/mitre-cve
- source/MITRE
- vendor/netapp
- canonical/netapp snapcenter server
- version/netapp snapcenter server/2.0
- version/netapp snapcenter server/3.0.1