5.3

CVE-2022-23235

EPSS 0.24%
Published 25.08.2022 18:15:09
Last modified 21.11.2024 06:48:14
Source security-alert@netapp.com
Teams watchlist Login
Open Login

Active IQ Unified Manager for VMware vSphere, Linux, and Microsoft Windows versions prior to 9.10P1 are susceptible to a vulnerability which could allow an attacker to discover cluster, node and Active IQ Unified Manager specific information via AutoSupport telemetry data that is sent even when AutoSupport has been disabled.

Affected products Warnungen 0 Metrics 2 CWE 0 References 4

Data is provided by the National Vulnerability Database (NVD)

Netapp ≫ Active Iq Unified Manager SwPlatformlinux Version < 9.10

Netapp ≫ Active Iq Unified Manager SwPlatformvmware_vsphere Version < 9.10

Netapp ≫ Active Iq Unified Manager SwPlatformwindows Version < 9.10

Netapp ≫ Active Iq Unified Manager Version9.10 Update- SwPlatformlinux

Netapp ≫ Active Iq Unified Manager Version9.10 Update- SwPlatformvmware_vsphere

Netapp ≫ Active Iq Unified Manager Version9.10 Update- SwPlatformwindows

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.24%	0.467

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	5.3	3.9	1.4	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

https://security.netapp.com/advisory/ntap-20220324-0001/

Patch

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2022-23235

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2022-23235

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2022-23235

EUVD