Potential Password Leak in SnapCenter Versions Prior to 5.0p1
CVE-2024-21993

6.5MEDIUM

Key Information:

Vendor

Netapp

Status
Snapcenter
Vendor
CVE Published:
9 July 2024

What is CVE-2024-21993?

SnapCenter versions prior to 5.0p1 are susceptible to a vulnerability which could allow an authenticated attacker to discover plaintext credentials.

Affected Version(s)

SnapCenter 0 < 5.0p1

References

https://security.netapp.com/advisory/ntap-20240705-0007/

CVSS V3.1

Score:
6.5
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

.