CVE-2020-8588

Published: Feb 3, 2021Modified: Nov 21, 2024

3.5

Vector

CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Exploitability: 2.1 / Impact: 1.4

Source: NVD

Description

Clustered Data ONTAP versions prior to 9.3P20 and 9.5P15 are susceptible to a vulnerability which could allow unauthorized tenant users to discover the existence of data on other Storage Virtual Machines (SVMs).

Affected (19)

Products: Netapp: Clustered Data Ontap

Netapp

1 product

Clustered Data Ontap

Configuration A

19 vulnerable

Vulnerable Software	Affected Versions
Netapp Clustered Data Ontap	Before 9.3
Netapp Clustered Data Ontap	From 9.4 to 9.5
Netapp Clustered Data Ontap	Version 9.3
Netapp Clustered Data Ontap	Version 9.3 p10
Netapp Clustered Data Ontap	Version 9.3 p1
Netapp Clustered Data Ontap	Version 9.3 p2
Netapp Clustered Data Ontap	Version 9.3 p3
Netapp Clustered Data Ontap	Version 9.3 p4
Netapp Clustered Data Ontap	Version 9.3 p5
Netapp Clustered Data Ontap	Version 9.3 p6
Netapp Clustered Data Ontap	Version 9.3 p7
Netapp Clustered Data Ontap	Version 9.3 p8
Netapp Clustered Data Ontap	Version 9.3 p9
Netapp Clustered Data Ontap	Version 9.3 rc1
Netapp Clustered Data Ontap	Version 9.5
Netapp Clustered Data Ontap	Version 9.5 p1
Netapp Clustered Data Ontap	Version 9.5 p6
Netapp Clustered Data Ontap	Version 9.5 p8
Netapp Clustered Data Ontap	Version 9.5 p9

References (2)

https://security.netapp.com/advisory/ntap-20210201-0001/

Source: security-alert@netapp.com

Vendor Advisory

https://security.netapp.com/advisory/ntap-20210201-0001/

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.