Authentication Bypass Vulnerability in Active IQ Config Advisor by NetApp
CVE-2026-22054

5.3MEDIUM

Key Information:

Vendor

Netapp

Vendor
CVE Published:
3 June 2026

What is CVE-2026-22054?

Active IQ Config Advisor version 6.7.3 is vulnerable due to hard-coded credentials, which can be exploited by an authenticated attacker with limited privileges. This flaw enables unauthorized AutoSupport operations, posing potential risks to organizational data integrity and security. It is crucial for users of this product to review their security measures and apply necessary updates to mitigate potential exploitation.

Affected Version(s)

Active IQ Config Advisor 6.7.3

References

CVSS V4

Score:
5.3
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.