LDAP BIND Password Logging Vulnerability in NetApp OnCommand API Services

LDAP BIND Password Logging Vulnerability in NetApp OnCommand API Services

CVE-2017-8919 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

NetApp OnCommand API Services before 1.2P3 logs the LDAP BIND password when a user attempts to log in using the REST API, which allows remote authenticated users to obtain sensitive password information via unspecified vectors.

Learn more about our Cis Benchmark Audit For Bind.