Unauthorized AutoSupport Operations in Active IQ OneCollect by NetApp
CVE-2026-22055

5.3MEDIUM

Key Information:

Vendor

Netapp

Vendor
CVE Published:
3 June 2026

What is CVE-2026-22055?

Active IQ OneCollect version 2.7.3 has a security flaw due to hard-coded credentials, which can be exploited by authenticated attackers with limited privileges. This vulnerability may allow such attackers to perform unauthorized AutoSupport operations, potentially compromising the integrity of the system and leading to further security risks.

Affected Version(s)

Active IQ OneCollect 2.7.3

References

CVSS V4

Score:
5.3
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.