Vulnerability Description
MetroCluster Tiebreaker for clustered Data ONTAP in versions before 1.2 discloses sensitive information in cleartext which may be viewed by an unauthenticated user.
CVSS Score
7.5
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Netapp | Metrocluster Tiebreaker | <= 1.1 |
Related Weaknesses (CWE)
References
- http://www.securityfocus.com/bid/92495Third Party AdvisoryVDB Entry
- https://kb.netapp.com/support/s/article/cve-2016-6820-sensitive-information-discPatchVendor Advisory
- https://security.netapp.com/advisory/ntap-20160816-0001/
- http://www.securityfocus.com/bid/92495Third Party AdvisoryVDB Entry
- https://kb.netapp.com/support/s/article/cve-2016-6820-sensitive-information-discPatchVendor Advisory
- https://security.netapp.com/advisory/ntap-20160816-0001/
FAQ
What is CVE-2016-6820?
CVE-2016-6820 is a vulnerability with a CVSS score of 7.5 (HIGH). MetroCluster Tiebreaker for clustered Data ONTAP in versions before 1.2 discloses sensitive information in cleartext which may be viewed by an unauthenticated user.
How severe is CVE-2016-6820?
CVE-2016-6820 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2016-6820?
Check the references section above for vendor advisories and patch information. Affected products include: Netapp Metrocluster Tiebreaker.