Cloud Manager versions before 3.9.4 are susceptible to a vulnerability that could allow a remote malicious user to overwrite arbitrary system files.
netapp cloud manager