CVE-2020-8581
MEDIUMClustered Data ONTAP <9.3P20,9.5 - Privilege Escalation
Title source: llmDescription
Clustered Data ONTAP versions prior to 9.3P20 and 9.5 are susceptible to a vulnerability which could allow an authenticated but unauthorized attacker to overwrite arbitrary data when VMware vStorage support is enabled.
References (1)
Core 1
Core References
Vendor Advisory x_refsource_misc
https://security.netapp.com/advisory/ntap-20210119-0001/
Scores
CVSS v3
6.5
EPSS
0.0023
EPSS Percentile
45.9%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
Details
Status
published
Products (2)
netapp/clustered_data_ontap
9.3 (11 CPE variants)
netapp/clustered_data_ontap
< 9.3
Published
Jan 19, 2021
Tracked Since
Feb 18, 2026