Improper Handling of Owner_Rights ACL Entry in NetApp Data ONTAP 9.0 and 9.1

Improper Handling of Owner_Rights ACL Entry in NetApp Data ONTAP 9.0 and 9.1

CVE-2016-5374 · MEDIUM Severity

AV:N/AC:L/AU:S/C:P/I:P/A:P

NetApp Data ONTAP 9.0 and 9.1 before 9.1P1 allows remote authenticated users that own SMB-hosted data to bypass intended sharing restrictions by leveraging improper handling of the owner_rights ACL entry.

Learn more about our User Device Pen Test.