Netapp

Storagegrid

72 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.4

CVE-2025-26517

  • EPSS 0.03%
  • Veröffentlicht 19.09.2025 18:53:07
  • Zuletzt bearbeitet 23.09.2025 14:30:09

StorageGRID (formerly StorageGRID Webscale) versions prior to 11.8.0.15 and 11.9.0.8 are susceptible to a privilege escalation vulnerability. Successful exploit could allow an unauthorized authenticated attacker to discover Grid node names and IP...

5.3

CVE-2025-26516

  • EPSS 0.07%
  • Veröffentlicht 19.09.2025 18:51:12
  • Zuletzt bearbeitet 23.09.2025 14:31:10

StorageGRID (formerly StorageGRID Webscale) versions prior to 11.8.0.15 and 11.9.0.8 are susceptible to a Denial of Service vulnerability. Successful exploit could allow an unauthenticated attacker to cause a Denial of Service on the Admin node.

7.5

CVE-2025-26515

  • EPSS 0.04%
  • Veröffentlicht 19.09.2025 18:34:17
  • Zuletzt bearbeitet 23.09.2025 14:31:27

StorageGRID (formerly StorageGRID Webscale) versions prior to 11.8.0.15 and 11.9.0.8 without Single Sign-on enabled are susceptible to a Server-Side Request Forgery (SSRF) vulnerability. Successful exploit could allow an unauthenticated attacker ...

6.4

CVE-2025-26514

  • EPSS 0.04%
  • Veröffentlicht 19.09.2025 18:31:54
  • Zuletzt bearbeitet 23.09.2025 14:32:00

StorageGRID (formerly StorageGRID Webscale) versions prior to 11.8.0.15 and 11.9.0.8 are susceptible to a Reflected Cross-Site Scripting vulnerability. Successful exploit could allow an attacker to view or modify configuration settings or add or ...

9.8

CVE-2025-25292

Exploit
  • EPSS 4.05%
  • Veröffentlicht 12.03.2025 20:53:24
  • Zuletzt bearbeitet 26.09.2025 14:15:01

ruby-saml provides security assertion markup language (SAML) single sign-on (SSO) for Ruby. An authentication bypass vulnerability was found in ruby-saml prior to versions 1.12.4 and 1.18.0 due to a parser differential. ReXML and Nokogiri parse XML d...

9.8

CVE-2025-25291

Exploit
  • EPSS 24.12%
  • Veröffentlicht 12.03.2025 20:16:12
  • Zuletzt bearbeitet 26.09.2025 14:14:27

ruby-saml provides security assertion markup language (SAML) single sign-on (SSO) for Ruby. An authentication bypass vulnerability was found in ruby-saml prior to versions 1.12.4 and 1.18.0 due to a parser differential. ReXML and Nokogiri parse XML d...

4.3

CVE-2024-21994

  • EPSS 0.24%
  • Veröffentlicht 08.11.2024 21:15:16
  • Zuletzt bearbeitet 23.09.2025 14:33:14

StorageGRID (formerly StorageGRID Webscale) versions prior to 11.9 are susceptible to a Denial of Service (DoS) vulnerability. Successful exploit by an authenticated attacker could lead to a service crash.

5.3

CVE-2024-21988

  • EPSS 0.05%
  • Veröffentlicht 14.06.2024 22:15:10
  • Zuletzt bearbeitet 13.12.2024 17:26:35

StorageGRID (formerly StorageGRID Webscale) versions prior to 11.7.0.9 and 11.8.0.5 are susceptible to disclosure of sensitive information via complex MiTM attacks due to a vulnerability in the SSH cryptographic implementation.

6.9

CVE-2024-21984

  • EPSS 0.22%
  • Veröffentlicht 16.02.2024 23:15:08
  • Zuletzt bearbeitet 13.12.2024 17:55:08

StorageGRID (formerly StorageGRID Webscale) versions prior to 11.8 are susceptible to a difficult to exploit Reflected Cross-Site Scripting (XSS) vulnerability. Successful exploit requires the attacker to know specific information about the target...

6.5

CVE-2024-21983

  • EPSS 0.22%
  • Veröffentlicht 16.02.2024 23:15:07
  • Zuletzt bearbeitet 13.12.2024 17:55:06

StorageGRID (formerly StorageGRID Webscale) versions prior to 11.8 are susceptible to a Denial of Service (DoS) vulnerability. Successful exploit by an authenticated attacker could lead to an out of memory condition or node reboot.