Authentication Bypass Vulnerability in OnCommand Insight by NetApp
CVE-2022-38733

8.6HIGH

Key Information:

Vendor: Netapp
Status: Oncommand Insight
Vendor: CVE Published:; 20 December 2022

Summary

OnCommand Insight versions ranging from 7.3.1 to 7.3.14 are exposed to an authentication bypass vulnerability within the Data Warehouse component, potentially allowing unauthorized access to sensitive data and operational functionality.

Affected Version(s)

OnCommand Insight 7.3.1 through 7.3.14

References

https://security.netapp.com/advisory/NTAP-20221220-0001/

CVSS V3.1

Score:

8.6

Severity:

HIGH

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Dec 20, 2022
Vulnerability Reserved
Aug 24, 2022