CVE-2020-8573 Vulnerability Details

  /     /     /  

CVE-2020-8573 Metadata Quick Info

CVE Published: 29/06/2020 | CVE Updated: 04/08/2024 | CVE Year: 2020
Source: netapp | Vendor: NetApp | Product: NetApp HCI Baseboard Management Controller (BMC) HCI H610C, NetApp HCI Baseboard Management Controller (BMC) HCI H615C, NetApp HCI Baseboard Management Controller (BMC) HCI H610S
Status : PUBLISHED

---

CVE-2020-8573 Description

The NetApp HCI H610C, H615C and H610S Baseboard Management Controllers (BMC) are shipped with a documented default account and password that should be changed during the initial node setup. During upgrades to Element 11.8 and 12.0 or the Compute Firmware Bundle 12.2.92 the BMC account password on the H610C, H615C and H610S platforms is reset to the default documented value which could allow remote attackers to cause a Denial of Service (DoS).

Metrics

CVSS Version: 3.1 | Base Score: n/a
Vector: n/a

l➤ Exploitability Metrics:
    Attack Vector (AV)*
    Attack Complexity (AC)*
    Privileges Required (PR)*
    User Interaction (UI)*
    Scope (S)*

l➤ Impact Metrics:
    Confidentiality Impact (C)*
    Integrity Impact (I)*
    Availability Impact (A)*

Weakness Enumeration (CWE)

CWE-ID:
CWE Name: Default Credential
Source: NetApp

Common Attack Pattern Enumeration and Classification (CAPEC)

CAPEC-ID:
CAPEC Description:


Source: NVD (National Vulnerability Database).