PatchSiren

CVE-2015-8322 NetApp CVE debrief

CVE-2015-8322 is a high-severity remote code execution issue in NetApp OnCommand System Manager 8.3.x before 8.3.2. The NVD record says a remote authenticated attacker could execute arbitrary code through unspecified vectors. The record also maps vulnerable CPE entries to NetApp Data ONTAP 8.3 and 8.3.1 and points to NetApp patch/advisory references.

Vendor: NetApp
Product: CVE-2015-8322
CVSS: HIGH 8.8
CISA KEV: Not listed in stored evidence
Original CVE published: 2017-02-07
Original CVE updated: 2026-05-13
Advisory published: 2017-02-07
Advisory updated: 2026-05-13

Who should care

Administrators and security teams responsible for NetApp OnCommand System Manager and related Data ONTAP 8.3.x deployments, especially environments that allow authenticated administrative access over the network.

Technical summary

NVD describes the flaw as network-based, low-complexity, authenticated arbitrary code execution with full confidentiality, integrity, and availability impact. The published weakness classification is NVD-CWE-noinfo, so the exact vulnerable code path is not specified in the source corpus. The title text identifies OnCommand System Manager 8.3.x before 8.3.2, while the NVD CPE entries explicitly mark NetApp Data ONTAP 8.3 and 8.3.1 as vulnerable.

Defensive priority

High. Although authentication is required, the attack is network reachable and the impact is complete code execution with high CIA impact. Prioritize remediation for any exposed or broadly accessible management plane instance.

Recommended defensive actions

  • Verify whether NetApp OnCommand System Manager 8.3.x or Data ONTAP 8.3/8.3.1 is deployed anywhere in the environment.
  • Apply the vendor-referenced patch or upgrade to the fixed release indicated by NetApp for this CVE.
  • Restrict authenticated administrative access to management interfaces to the smallest practical set of trusted sources.
  • Review privileged accounts used for NetApp administration and remove unnecessary access.
  • Check relevant management and authentication logs for suspicious post-authentication activity around affected systems.

Evidence notes

The NVD 2.0 record lists CVSS v3.0 AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H and identifies the weakness as NVD-CWE-noinfo. Source references include NetApp's support advisory/patch page at https://kb.netapp.com/support/index?page=content&id=9010070 and NetApp's security advisory page at https://security.netapp.com/advisory/ntap-20160310-0003/. The CVE published timestamp used here is 2017-02-07T17:59:00.177Z; the 2026-05-13 modified timestamp reflects later database updates, not the original issue date.

Official resources

Public CVE record published on 2017-02-07. The NVD record was modified on 2026-05-13; that later modification is a database update, not the original disclosure date.