Vulnerabilities > CVE-2020-8574 - Unspecified vulnerability in Netapp Active IQ Unified Manager

CVSS 4.6 - MEDIUM

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

local

low complexity

netapp

NVD

Published: 2020-08-03

Updated: 2020-08-12

Summary

Active IQ Unified Manager for Linux versions prior to 9.6 ship with the Java Management Extension Remote Method Invocation (JMX RMI) service enabled allowing unauthorized code execution to local users.

Vulnerable Configurations

Part	Description	Count
Application	Netapp Netapp Active IQ Unified Manager *	1

References

https://security.netapp.com/advisory/ntap-20200803-0001/