Storagegrid
by NetApp
CVEs (24)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2022-23232 | 0.00 | — | 0.01 | Mar 4, 2022 | StorageGRID (formerly StorageGRID Webscale) versions prior to 11.6.0 are susceptible to a vulnerability which when successfully exploited could allow disabled, expired, or locked external user accounts to access S3 data to which they previously had access. StorageGRID 11.6.0… | |||
| CVE-2021-27006 | 0.00 | — | 0.00 | Dec 23, 2021 | StorageGRID (formerly StorageGRID Webscale) versions 11.5 prior to 11.5.0.5 are susceptible to a vulnerability which may allow an administrative user to escalate their privileges and modify settings in SANtricity System Manager. | |||
| CVE-2020-8571 | 0.00 | — | 0.02 | Mar 13, 2020 | StorageGRID (formerly StorageGRID Webscale) versions 10.0.0 through 11.3 prior to 11.2.0.8 and 11.3.0.4 are susceptible to a vulnerability which allows an unauthenticated remote attacker to cause a Denial of Service (DoS). | |||
| CVE-2018-5495 | 0.00 | — | 0.02 | Nov 14, 2018 | All StorageGRID Webscale versions are susceptible to a vulnerability which could permit an unauthenticated attacker to communicate with systems on the same network as the StorageGRID Webscale Admin Node via HTTP or to take over services on the Admin Node. |
- CVE-2022-23232Mar 4, 2022risk 0.00cvss —epss 0.01
StorageGRID (formerly StorageGRID Webscale) versions prior to 11.6.0 are susceptible to a vulnerability which when successfully exploited could allow disabled, expired, or locked external user accounts to access S3 data to which they previously had access. StorageGRID 11.6.0…
- CVE-2021-27006Dec 23, 2021risk 0.00cvss —epss 0.00
StorageGRID (formerly StorageGRID Webscale) versions 11.5 prior to 11.5.0.5 are susceptible to a vulnerability which may allow an administrative user to escalate their privileges and modify settings in SANtricity System Manager.
- CVE-2020-8571Mar 13, 2020risk 0.00cvss —epss 0.02
StorageGRID (formerly StorageGRID Webscale) versions 10.0.0 through 11.3 prior to 11.2.0.8 and 11.3.0.4 are susceptible to a vulnerability which allows an unauthenticated remote attacker to cause a Denial of Service (DoS).
- CVE-2018-5495Nov 14, 2018risk 0.00cvss —epss 0.02
All StorageGRID Webscale versions are susceptible to a vulnerability which could permit an unauthenticated attacker to communicate with systems on the same network as the StorageGRID Webscale Admin Node via HTTP or to take over services on the Admin Node.
Page 2 of 2