CVE-2020-8581

Published: Jan 19, 2021Modified: Nov 21, 2024

6.5

Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

Exploitability: 2.8 / Impact: 3.6

Source: NVD

Description

Clustered Data ONTAP versions prior to 9.3P20 and 9.5 are susceptible to a vulnerability which could allow an authenticated but unauthorized attacker to overwrite arbitrary data when VMware vStorage support is enabled.

Affected (13)

Products: Netapp: Clustered Data Ontap

Netapp

1 product

Clustered Data Ontap

Configuration A

13 vulnerable

Vulnerable Software	Affected Versions
Netapp Clustered Data Ontap	Before 9.3
Netapp Clustered Data Ontap	From 9.4 to 9.5
Netapp Clustered Data Ontap	Version 9.3
Netapp Clustered Data Ontap	Version 9.3 p10
Netapp Clustered Data Ontap	Version 9.3 p1
Netapp Clustered Data Ontap	Version 9.3 p2
Netapp Clustered Data Ontap	Version 9.3 p3
Netapp Clustered Data Ontap	Version 9.3 p4
Netapp Clustered Data Ontap	Version 9.3 p5
Netapp Clustered Data Ontap	Version 9.3 p6
Netapp Clustered Data Ontap	Version 9.3 p7
Netapp Clustered Data Ontap	Version 9.3 p8
Netapp Clustered Data Ontap	Version 9.3 p9

References (2)

https://security.netapp.com/advisory/ntap-20210119-0001/

Source: security-alert@netapp.com

Vendor Advisory

https://security.netapp.com/advisory/ntap-20210119-0001/

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.