CVE-2017-7947

medium

Published 2017-07-17 · Modified 2026-05-13

CVSS v3

6.5

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

CVSS v2

5.0

VIR risk

6.5

Description

NetApp Clustered Data ONTAP before 8.3.2P11, 9.0 before P4, and 9.1 before P5 allow attackers to obtain sensitive password information by leveraging logging of passwords entered non-interactively on the command line.

Predictions

Exploit likelihood

75%

Patch ETA

—

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

vendor Authored 2026-05-27

Vendor advisory: cve@mitre.org — https://kb.netapp.com/support/s/article/NTAP-20170630-0001

Application impact

Vendor	Product	Versions
netapp	clustered_data_ontap	`8.3.2`
netapp	clustered_data_ontap	`9.0`
netapp	clustered_data_ontap	`9.1`

References

https://kb.netapp.com/support/s/article/NTAP-20170630-0001
https://kb.netapp.com/support/s/article/NTAP-20170630-0001

CWEs

CWE-200

Verify integrity in audit chain (admin only). AS-IS.