What is CVE-2020-8573?

CVE-2020-8573 is a medium-severity vulnerability in Netapp Hci_h610s, classified under Use of Hard-coded Credentials. CVSS score: 6.5/10. Published 2020-06-29.

How severe is CVE-2020-8573?

Medium severity. CVSS v3 base score is 6.5 out of 10.

Vulnerability in Netapp Hci_h610s

CVE-2020-8573

The NetApp HCI H610C, H615C and H610S Baseboard Management Controllers (BMC) are shipped with a documented default account and password that should be changed during the initial node setup. During upgrades to Element 11.8 and 12.0 or the C…

EPSS: 0.013 (66.3th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 6.5 (Medium). Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H.

Affected products

Netapp Hci_h610s
Netapp Hci_h610s_firmware
Netapp Hci Baseboard Management Controller (Bmc) H610c, H615c, H610s — versions Element OS v11.8, Element OS v12.0, Compute Firmware Bundle v12.2.92

Weakness classification (CWE)

CWE-798 — Use of Hard-coded Credentials

References

security-alert@netapp.com (x_refsource_CONFIRM, Vendor Advisory)

Frequently asked questions

What is CVE-2020-8573?: CVE-2020-8573 is a medium-severity vulnerability in Netapp Hci_h610s, classified under Use of Hard-coded Credentials. CVSS score: 6.5/10. Published 2020-06-29.
How severe is CVE-2020-8573?: Medium severity. CVSS v3 base score is 6.5 out of 10.