Remote Object Deletion Vulnerability in NetApp StorageGRID Webscale
CVE-2017-12422

6.5MEDIUM

Key Information:

Vendor: Netapp
Status: Storagegrid Webscale
Vendor: CVE Published:; 29 August 2017

Summary

NetApp StorageGRID Webscale versions 10.2.x prior to 10.2.2.3, 10.3.x prior to 10.3.0.4, and 10.4.x prior to 10.4.0.2 are susceptible to a vulnerability that permits remote authenticated users to delete arbitrary objects. This flaw poses a risk to data integrity, allowing unauthorized modifications and potential data loss. Proper updates and security measures are crucial to mitigate this issue.

References

http://www.securityfocus.com/bid/100535

vdb-entryx_refsource_BID

https://kb.netapp.com/support/s/article/NTAP-20170825-0001

x_refsource_CONFIRM

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Aug 29, 2017
Vulnerability Reserved
Aug 4, 2017