CVE-2015-8020Sensitive Information Exposure in Clustered Data Ontap

CWE-200Sensitive Information Exposure3 documents3 sources
Severity
3.7LOWNVD
EPSS
0.2%
top 51.98%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Netapp Clustered Data Ontap
Timeline
PublishedJan 11
Latest updateMay 17

Description

Clustered Data ONTAP versions 8.0, 8.3.1, and 8.3.2 contain a default privileged account which under certain conditions can be used for unauthorized information disclosure.

CVSS vector

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:NExploitability: 2.2 | Impact: 1.4

Affected Packages1 packages

NVDnetapp/clustered_data_ontap8.0, 8.3.1, 8.3.2+2

Patches

Patch: kb.netapp.comPatch: kb.netapp.com

🔴Vulnerability Details

2
GHSA
GHSA-7vf3-qjc6-gp7c: Clustered Data ONTAP versions 82022-05-17
CVEList
CVE-2015-8020: Clustered Data ONTAP versions 82017-01-11
CVE-2015-8020 — Sensitive Information Exposure | cvebase