CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2020-8587

OnCommand System Manager 9.x versions prior to 9.3P20 and 9.4 prior to 9.4P3 are susceptible to a vulnerability that could allow HTTP clients to cache sensitive responses making them accessible to an attacker who has access to the system where the client runs.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 40.5%

CVSS Severity

CVSS v3 Score 5.5

CVSS v2 Score 2.1

References

https://security.netapp.com/advisory/NTAP-20210208-0001/
https://security.netapp.com/advisory/NTAP-20210208-0001/

Products affected by CVE-2020-8587

Netapp » Oncommand System Manager » Version: Any

cpe:2.3:a:netapp:oncommand_system_manager:*
Netapp » Oncommand System Manager » Version: 9.3

cpe:2.3:a:netapp:oncommand_system_manager:9.3
Netapp » Oncommand System Manager » Version: 9.4

cpe:2.3:a:netapp:oncommand_system_manager:9.4

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-8587

Products

Pricing

Contact Us