Lucene search

[email protected]CVE-2023-1096

HistoryMay 12, 2023 - 9:15 p.m.

CVE-2023-1096

2023-05-1221:15:08

[email protected]

web.nvd.nist.gov

cve-2023-1096

snapcenter

security vulnerability

remote attacker

admin access

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.5 High

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

66.1%

JSON

SnapCenter versions 4.7 prior to 4.7P2 and 4.8 prior to 4.8P1 are susceptible to a vulnerability which could allow a remote unauthenticated attacker to gain access as an admin user.

Affected configurations

NVD

Node

netappsnapcenterMatch4.7-

netappsnapcenterMatch4.7p1

netappsnapcenterMatch4.8-

CPENameOperatorVersion
netapp:snapcenternetapp snapcentereq4.7
netapp:snapcenternetapp snapcentereq4.8

CPE	Name	Operator	Version
netapp:snapcenter	netapp snapcenter	eq	4.7
netapp:snapcenter	netapp snapcenter	eq	4.8

CNA Affected

[
  {
    "vendor": "n/a",
    "product": "SnapCenter",
    "versions": [
      {
        "version": "4.7 prior to 4.7P2 and 4.8 prior to 4.8P1",
        "status": "affected"
      }
    ]
  }
]

References

security.netapp.com/advisory/ntap-20230511-0011/

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.5 High

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

66.1%

JSON

Related for CVE-2023-1096

cvelist1 nvd1 prion1