3.5

CVE-2020-8589

Clustered Data ONTAP versions prior to 9.3P20 and 9.5P15 are susceptible to a vulnerability which could allow unauthorized tenant users to discover the names of other Storage Virtual Machines (SVMs) and filenames on those SVMs.

Data is provided by the National Vulnerability Database (NVD)
NetappClustered Data Ontap Version < 9.3
NetappClustered Data Ontap Version >= 9.4 < 9.5
NetappClustered Data Ontap Version9.3 Update-
NetappClustered Data Ontap Version9.3 Updatep1
NetappClustered Data Ontap Version9.3 Updatep10
NetappClustered Data Ontap Version9.3 Updatep2
NetappClustered Data Ontap Version9.3 Updatep3
NetappClustered Data Ontap Version9.3 Updatep4
NetappClustered Data Ontap Version9.3 Updatep5
NetappClustered Data Ontap Version9.3 Updatep6
NetappClustered Data Ontap Version9.3 Updatep7
NetappClustered Data Ontap Version9.3 Updatep8
NetappClustered Data Ontap Version9.3 Updatep9
NetappClustered Data Ontap Version9.3 Updaterc1
NetappClustered Data Ontap Version9.5 Update-
NetappClustered Data Ontap Version9.5 Updatep1
NetappClustered Data Ontap Version9.5 Updatep6
NetappClustered Data Ontap Version9.5 Updatep8
NetappClustered Data Ontap Version9.5 Updatep9
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 0.09% 0.22
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 3.5 2.1 1.4
CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
nvd@nist.gov 2.7 5.1 2.9
AV:A/AC:L/Au:S/C:P/I:N/A:N