cvedb.io
CVE-2017-14053
HIGH · CVSS 7.5
EPSS exploitation probability: 0%
Published 2017-09-01T21:29:00.670 · Last modified 2026-06-17T01:05:30.327

Summary

NetApp OnCommand Unified Manager for Clustered Data ONTAP before 7.2P1 does not set the secure flag for an unspecified cookie in an HTTPS session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an HTTP session.

Affected products

netapp — oncommand_unified_manager_for_clustered_data_ontap

Does this affect you?

Add your gear to cvedb and we'll alert you only when netapp ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.