Arbitrary API Call Execution Vulnerability in NetApp OnCommand System Manager

Arbitrary API Call Execution Vulnerability in NetApp OnCommand System Manager

CVE-2016-3063 · MEDIUM Severity

AV:L/AC:M/AU:N/C:P/I:P/A:P

Multiple functions in NetApp OnCommand System Manager before 8.3.2 do not properly escape special characters, which allows remote authenticated users to execute arbitrary API calls via unspecified vectors.

Learn more about our Api Penetration Testing.