Denial of Service Vulnerability in StorageGRID by NetApp
CVE-2022-38734

7.5HIGH

Key Information:

Vendor
Netapp
Status
Denial Of Service Vulnerability In Storagegrid (formerly Storagegrid Webscale)
Vendor
CVE Published:
2 March 2023

Summary

StorageGRID, formerly known as StorageGRID Webscale, has a vulnerability that permits Denial of Service attacks in versions prior to 11.6.0.8. Exploiting this flaw can lead to the crash of the Local Distribution Router (LDR) service, impacting the availability and functionality of the storage system. It is crucial for users running affected versions to apply security updates to protect against potential service interruptions.

Affected Version(s)

Denial of Service Vulnerability in StorageGRID (formerly StorageGRID Webscale) prior to 11.6.0.8

References

https://security.netapp.com/advisory/ntap-20230228-0001/

CVSS V3.1

Score:
7.5
Severity:
HIGH
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
CVE-2022-38734 : Denial of Service Vulnerability in StorageGRID by NetApp | SecurityVulnerability.io