PT-2021-12799 · Netapp · Oncommand System Manager
Published
2021-02-08
·
Updated
2021-02-12
·
CVE-2020-8587
CVSS v3.1
5.5
Medium
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions:
OnCommand System Manager versions prior to 9.3P20
OnCommand System Manager version 9.4 prior to 9.4P3
Description:
The issue allows HTTP clients to cache sensitive responses, making them accessible to an attacker with access to the system where the client runs.
Recommendations:
For OnCommand System Manager versions prior to 9.3P20, update to version 9.3P20 or later.
For OnCommand System Manager version 9.4 prior to 9.4P3, update to version 9.4P3 or later.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Oncommand System Manager