Authentication Bypass Vulnerability in OnCommand Insight by NetApp
CVE-2022-38733

8.6HIGH

Key Information:

Vendor: Netapp
Status: Oncommand Insight
Vendor: CVE Published:; 20 December 2022

What is CVE-2022-38733?

OnCommand Insight versions ranging from 7.3.1 to 7.3.14 are exposed to an authentication bypass vulnerability within the Data Warehouse component, potentially allowing unauthorized access to sensitive data and operational functionality.

Affected Version(s)

OnCommand Insight 7.3.1 through 7.3.14

References

https://security.netapp.com/advisory/NTAP-20221220-0001/

CVSS V3.1

Score:

8.6

Severity:

HIGH

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 20, 2022
Vulnerability Reserved
Aug 24, 2022

Netapp

What is CVE-2022-38733?

Affected Version(s)

References

CVSS V3.1

Timeline