Vulnerability Description
OnCommand Unified Manager Core Package versions prior to 5.2.5 may disclose sensitive account information to unauthorized users via the use of PuTTY Link (plink).
CVSS Score
5.5
MEDIUM
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Netapp | Oncommand Unified Manager | < 5.2.5 |
Related Weaknesses (CWE)
References
- https://security.netapp.com/advisory/NTAP-20210128-0001Vendor Advisory
- https://security.netapp.com/advisory/ntap-20210128-0001/Vendor Advisory
- https://security.netapp.com/advisory/NTAP-20210128-0001Vendor Advisory
- https://security.netapp.com/advisory/ntap-20210128-0001/Vendor Advisory
FAQ
What is CVE-2020-8585?
CVE-2020-8585 is a vulnerability with a CVSS score of 5.5 (MEDIUM). OnCommand Unified Manager Core Package versions prior to 5.2.5 may disclose sensitive account information to unauthorized users via the use of PuTTY Link (plink).
How severe is CVE-2020-8585?
CVE-2020-8585 has been rated MEDIUM with a CVSS base score of 5.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2020-8585?
Check the references section above for vendor advisories and patch information. Affected products include: Netapp Oncommand Unified Manager.