PT-2017-7313 · Netapp · Clustered Data Ontap

Published

2017-01-11

Updated

2017-11-16

CVE-2015-8020

CVSS v2.0

4.3

Medium

Vector

AV:N/AC:M/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions Clustered Data ONTAP versions 8.0, 8.3.1, and 8.3.2

Description The issue concerns a default privileged account in Clustered Data ONTAP that can be exploited under certain conditions for unauthorized information disclosure.

Recommendations For Clustered Data ONTAP version 8.0, update the configuration to secure or remove the default privileged account. For Clustered Data ONTAP version 8.3.1, update the configuration to secure or remove the default privileged account. For Clustered Data ONTAP version 8.3.2, update the configuration to secure or remove the default privileged account.

Fix

Information Disclosure

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-200

Related Identifiers

CVE-2015-8020

Affected Products

Clustered Data Ontap

PT-2017-7313 · Netapp · Clustered Data Ontap

CVE-2015-8020

Weakness Enumeration

Related Identifiers

Affected Products

References · 5