CVE-2015-8020

Опубликовано: 11 янв. 2017

Источник: nvd

CVSS3: 3.7

CVSS2: 4.3

EPSS Низкий

Описание

Clustered Data ONTAP versions 8.0, 8.3.1, and 8.3.2 contain a default privileged account which under certain conditions can be used for unauthorized information disclosure.

Ссылки

http://www.securityfocus.com/bid/92329
Third Party Advisory
VDB Entry
https://kb.netapp.com/support/s/article/cve-2015-8020-default-privileged-account-credentials-vulnerability-in-in-clustered-data-ontap?language=en_US
Patch
Vendor Advisory
https://security.netapp.com/advisory/ntap-20160802-0001/
http://www.securityfocus.com/bid/92329
Third Party Advisory
VDB Entry
https://kb.netapp.com/support/s/article/cve-2015-8020-default-privileged-account-credentials-vulnerability-in-in-clustered-data-ontap?language=en_US
Patch
Vendor Advisory
https://security.netapp.com/advisory/ntap-20160802-0001/

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:netapp:clustered_data_ontap:8.0:*:*:*:*:*:*:*

cpe:2.3:a:netapp:clustered_data_ontap:8.3.1:*:*:*:*:*:*:*

cpe:2.3:a:netapp:clustered_data_ontap:8.3.2:*:*:*:*:*:*:*

EPSS

Процентиль: 48%

0.00247

Низкий

3.7 Low

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-200

Связанные уязвимости

GHSA-7vf3-qjc6-gp7c