Clustered Data ONTAP versions prior to 9.5P18, 9.6P15, 9.7P14, 9.8P5 and 9.9.1 are missing an X-Frame-Options header which could allow a clickjacking attack.
[
{
"product": "Clustered Data ONTAP",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Versions prior to 9.5P18, 9.6P15, 9.7P14, 9.8P5 and 9.9.1"
}
]
}
]