Lucene search
K

12 matches found

CVE
CVE
added 2022/03/04 5:21 p.m.100 views

CVE-2022-23232

Summary of CVE-2022-23232 (StorageGRID): StorageGRID (formerly StorageGRID Webscale) versions prior to 11.6.0 are vulnerable to an access-control issue where disabled, expired, or locked external user accounts could access S3 data they previously could view. In 11.6.0, the product changes behavio...

4.9CVSS5.1AI score0.00753EPSS
CVE
CVE
added 2022/03/04 5:22 p.m.100 views

CVE-2022-23233

StorageGRID (formerly StorageGRID Webscale) versions prior to 11.6.0 are susceptible to a vulnerability that, if exploited, could cause a Denial of Service (DoS) of the Local Distribution Router (LDR) service. Affected product is NetApp StorageGRID; the issue is described across multiple sources ...

7.5CVSS7.4AI score0.00916EPSS
CVE
CVE
added 2023/03/02 12:0 a.m.64 views

CVE-2022-38734

CVE-2022-38734 affects NetApp StorageGRID (formerly StorageGRID Webscale) before version 11.6.0.8. The vulnerability leads to a Denial of Service that can crash the Local Distribution Router (LDR) service. The available connected documents consistently describe this DoS impact and the targeted co...

7.5CVSS7.3AI score0.00616EPSS
CVE
CVE
added 2024/06/14 9:37 p.m.55 views

CVE-2024-21988

CVE-2024-21988 affects NetApp StorageGRID (formerly StorageGRID Webscale). Versions prior to 11.7.0.9 and 11.8.0.5 are vulnerable due to a flaw in the SSH cryptographic implementation that enables disclosure of sensitive information in complex Man‑in‑the‑Middle attacks. The root cause is tied to ...

5.3CVSS5.2AI score0.00235EPSS
CVE
CVE
added 2024/11/08 9:6 p.m.55 views

CVE-2024-21994

CVE-2024-21994 affects NetApp StorageGRID (formerly StorageGRID Webscale) prior to version 11.9. The vulnerability allows an authenticated attacker to cause a Denial of Service, potentially crashing the service. The available connected documentation confirms the affected product and version range...

4.3CVSS4.4AI score0.00347EPSS
CVE
CVE
added 2024/02/16 10:35 p.m.49 views

CVE-2024-21983

CVE-2024-21983 affects NetApp’s StorageGRID (formerly StorageGRID Webscale). Public sources confirm versions prior to 11.8 are susceptible to a DoS where an authenticated attacker could trigger an out-of-memory condition or node reboot. The vulnerability is described consistently across multiple ...

6.5CVSS6.3AI score0.00493EPSS
CVE
CVE
added 2024/02/16 10:37 p.m.49 views

CVE-2024-21984

StorageGRID (formerly StorageGRID Webscale) versions prior to 11.8 are vulnerable to a Reflected Cross-Site Scripting (XSS) flaw. Exploitation requires a targeted user to click a crafted link, after which an attacker could view or modify configuration settings or add/modify user accounts. Multipl...

6.9CVSS5.4AI score0.00314EPSS
CVE
CVE
added 2025/09/19 6:34 p.m.27 views

CVE-2025-26515

StorageGRID (formerly StorageGRID Webscale) is affected by CVE-2025-26515, a Server-Side Request Forgery (SSRF) in versions prior to 11.8.0.15 and 11.9.0.8 when Single Sign-On is not enabled. An unauthenticated attacker could change the password of any Grid Manager or Tenant Manager non-federated...

7.5CVSS6.6AI score0.00317EPSS
CVE
CVE
added 2025/09/19 6:51 p.m.26 views

CVE-2025-26516

CVE-2025-26516 affects StorageGRID (formerly StorageGRID Webscale); versions prior to 11.8.0.15 and 11.9.0.8 are susceptible to a Denial of Service on the Admin node when exploited by an unauthenticated attacker. The available documents do not specify the exact root cause or exploitation details....

5.3CVSS6.5AI score0.00363EPSS
CVE
CVE
added 2025/09/19 6:31 p.m.24 views

CVE-2025-26514

StorageGRID (formerly StorageGRID Webscale) is affected by a Reflected Cross-Site Scripting vulnerability in versions prior to 11.8.0.15 and 11.9.0.8. The issue could let an attacker view or modify configuration settings or add/modify user accounts, but exploitation requires the attacker to know ...

6.4CVSS5.5AI score0.00224EPSS
CVE
CVE
added 2025/09/19 6:53 p.m.22 views

CVE-2025-26517

StorageGRID (formerly StorageGRID Webscale) is affected in versions prior to 11.8.0.15 and prior to 11.9.0.8. The vulnerability is a privilege escalation that could allow an unauthenticated? authenticated attacker to discover Grid node names and IP addresses or modify Storage Grades. Remediation:...

5.4CVSS6.6AI score0.00178EPSS
CVE
CVE
added 2026/04/20 9:27 p.m.14 views

CVE-2026-22051

StorageGRID (formerly StorageGRID Webscale) is affected in versions prior to 11.9.0.13 and 12.0.0.6 by an Information Disclosure vulnerability. An authenticated user with low privileges could run arbitrary metrics queries and view metric results they should not access. The attack vector is networ...

4.3CVSS5.9AI score0.00184EPSS