CVE-2020-8573
First published: Mon Jun 29 2020(Updated: )
The NetApp HCI H610C, H615C and H610S Baseboard Management Controllers (BMC) are shipped with a documented default account and password that should be changed during the initial node setup. During upgrades to Element 11.8 and 12.0 or the Compute Firmware Bundle 12.2.92 the BMC account password on the H610C, H615C and H610S platforms is reset to the default documented value which could allow remote attackers to cause a Denial of Service (DoS).
Credit: security-alert@netapp.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| NetApp HCI H610S Firmware | ||
| NetApp HCI H610S Firmware |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2020-8573?
CVE-2020-8573 is considered a high severity vulnerability due to the risk of unauthorized access through default credentials.
How do I fix CVE-2020-8573?
To fix CVE-2020-8573, change the default BMC account passwords during the initial node setup to ensure security.
What systems are affected by CVE-2020-8573?
CVE-2020-8573 affects the NetApp HCI H610C, H615C, and H610S Baseboard Management Controllers.
What can happen if CVE-2020-8573 is exploited?
If CVE-2020-8573 is exploited, an attacker could gain unauthorized access to sensitive system controls and configurations.
Is there a patch for CVE-2020-8573?
There is no specific patch for CVE-2020-8573; the recommended mitigation is to change default passwords post-installation.
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/references
- agent/weakness
- agent/severity
- agent/last-modified-date
- agent/author
- agent/description
- agent/event
- agent/first-publish-date
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/netapp
- canonical/netapp hci h610s firmware