Unauthenticated Access to Authentication Credentials in VASA Provider for Clustered Data ONTAP

Unauthenticated Access to Authentication Credentials in VASA Provider for Clustered Data ONTAP

CVE-2016-6904 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:N/A:N

Versions of VASA Provider for Clustered Data ONTAP prior to 7.0P1 contain a web server that accepts plain text authentication. This could allow an unauthenticated attacker to obtain authentication credentials.

Learn more about our Web App Pen Testing.