Lucene search

[email protected]CVE-2022-23240

HistoryFeb 28, 2023 - 11:15 p.m.

CVE-2022-23240

2023-02-2823:15:11

[email protected]

web.nvd.nist.gov

cve-2022-23240

active iq unified manager

vulnerability

ems subscription

unauthorized access

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

6.2 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

21.1%

JSON

Active IQ Unified Manager for VMware vSphere, Linux, and Microsoft Windows versions prior to 9.11P1 are susceptible to a vulnerability which allows unauthorized users to update EMS Subscriptions via unspecified vectors.

Affected configurations

NVD

Node

netappactive_iq_unified_managerRange<9.11p1linux

netappactive_iq_unified_managerRange<9.11p1vmware_vsphere

netappactive_iq_unified_managerRange<9.11p1windows

CPENameOperatorVersion
netapp:active_iq_unified_managernetapp active iq unified managerlt9.11p1

CPE	Name	Operator	Version
netapp:active_iq_unified_manager	netapp active iq unified manager	lt	9.11p1

CNA Affected

[
  {
    "vendor": "n/a",
    "product": "Active IQ Unified Manager for VMware vSphere, Linux, and Microsoft Windows",
    "versions": [
      {
        "version": "prior to 9.11P1",
        "status": "affected"
      }
    ]
  }
]

References

security.netapp.com/advisory/ntap-20220901-0002/

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

6.2 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

21.1%

JSON

Related for CVE-2022-23240

prion1 cvelist1 nvd1