High severity8.8NVD Advisory· Published Mar 1, 2017· Updated Jun 17, 2026
CVE-2016-5374
CVE-2016-5374
Description
NetApp Data ONTAP 9.0 and 9.1 before 9.1P1 allows remote authenticated users that own SMB-hosted data to bypass intended sharing restrictions by leveraging improper handling of the owner_rights ACL entry.
Affected products
3cpe:2.3:a:netapp:data_ontap:9.0:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:a:netapp:data_ontap:9.0:*:*:*:*:*:*:*
- cpe:2.3:a:netapp:data_ontap:9.1:*:*:*:*:*:*:*
- (no CPE)range: <9.1P1
Patches
Vulnerability mechanics
References
2- kb.netapp.com/support/s/article/ka51A00000007IBQAY/NTAP-20170228-0002nvdPatchVendor Advisory
- www.securityfocus.com/bid/96524nvdThird Party AdvisoryVDB Entry
News mentions
0No linked articles in our index yet.