Improper Binding of JMX RMI Service in NetApp OnCommand Performance Manager and OnCommand Unified Manager

Improper Binding of JMX RMI Service in NetApp OnCommand Performance Manager and OnCommand Unified Manager

CVE-2017-7345 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

NetApp OnCommand Performance Manager and OnCommand Unified Manager for Clustered Data ONTAP before 7.1P1 improperly bind the Java Management Extension Remote Method Invocation (aka JMX RMI) service to the network, which allows remote attackers to obtain sensitive information via unspecified vectors.

Learn more about our Cis Benchmark Audit For Bind.