Vulnerabilities > CVE-2021-26991 - Unspecified vulnerability in Netapp Cloud Manager

CVSS 5.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

PARTIAL

Availability impact

NONE

network

low complexity

netapp

NVD

Published: 2021-03-19

Updated: 2021-03-23

Summary

Cloud Manager versions prior to 3.9.4 contain an insecure Cross-Origin Resource Sharing (CORS) policy which could allow a remote attacker to interact with Cloud Manager.

Vulnerable Configurations

Part	Description	Count
Application	Netapp Netapp Cloud Manager *	1

References

https://security.netapp.com/advisory/NTAP-20210318-0002