VYPR
High severity7.5NVD Advisory· Published Feb 7, 2017· Updated Jun 17, 2026

CVE-2016-3063

CVE-2016-3063

Description

Multiple functions in NetApp OnCommand System Manager before 8.3.2 do not properly escape special characters, which allows remote authenticated users to execute arbitrary API calls via unspecified vectors.

Affected products

2
  • cpe:2.3:a:netapp:oncommand_system_manager:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:netapp:oncommand_system_manager:*:*:*:*:*:*:*:*range: <=8.3.1
    • (no CPE)range: <8.3.2

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.