NetApp OnCommand Balance prior to 4.2P2 contains a "default privileged account," which allows remote malicious users to gain privileges via unspecified vectors.
netapp oncommand balance