Lucene search

NetappCVELIST:CVE-2024-21993

HistoryJul 09, 2024 - 9:26 p.m.

CVE-2024-21993 Information Disclosure Vulnerability in SnapCenter

2024-07-0921:26:03

netapp

www.cve.org

snapcenter

vulnerability

information disclosure

CVSS3

5.7

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N

EPSS

0.001

Percentile

18.9%

JSON

SnapCenter versions prior to 5.0p1 are susceptible to a vulnerability
which could allow an authenticated attacker to discover plaintext
credentials.

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "SnapCenter",
    "vendor": "NetApp",
    "versions": [
      {
        "lessThan": "5.0p1",
        "status": "affected",
        "version": "0",
        "versionType": "patch"
      }
    ]
  }
]

References

security.netapp.com/advisory/ntap-20240705-0007/

CVSS3

5.7

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N

EPSS

0.001

Percentile

18.9%

JSON

Related for CVELIST:CVE-2024-21993