CVE-2022-23235
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
EPSS
Percentile
31.3%
Active IQ Unified Manager for VMware vSphere, Linux, and Microsoft Windows versions prior to 9.10P1 are susceptible to a vulnerability which could allow an attacker to discover cluster, node and Active IQ Unified Manager specific information via AutoSupport telemetry data that is sent even when AutoSupport has been disabled.
Affected configurations
| Vendor | Product | Version | CPE |
|---|---|---|---|
| netapp | active_iq_unified_manager | * | cpe:2.3:a:netapp:active_iq_unified_manager:*:*:*:*:*:linux:*:* |
| netapp | active_iq_unified_manager | * | cpe:2.3:a:netapp:active_iq_unified_manager:*:*:*:*:*:vmware_vsphere:*:* |
| netapp | active_iq_unified_manager | * | cpe:2.3:a:netapp:active_iq_unified_manager:*:*:*:*:*:windows:*:* |
| netapp | active_iq_unified_manager | 9.10 | cpe:2.3:a:netapp:active_iq_unified_manager:9.10:-:*:*:*:linux:*:* |
| netapp | active_iq_unified_manager | 9.10 | cpe:2.3:a:netapp:active_iq_unified_manager:9.10:-:*:*:*:vmware_vsphere:*:* |
| netapp | active_iq_unified_manager | 9.10 | cpe:2.3:a:netapp:active_iq_unified_manager:9.10:-:*:*:*:windows:*:* |
Related
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
EPSS
Percentile
31.3%