NetApp Security Advisory CVE-2022-23234: Information Disclosure Vulnerability in SnapCenter
Versions prior to 4.5 susceptible to vulnerability which could allow local authenticated attacker to discover plaintext HANA credentials
This is a Press Release edited by StorageNewsletter.com on March 3, 2022 at 2:00 pmNetApp, Inc. had published a security advisory concerning an information disclosure vulnerability in SnapCenter.
This advisory should be considered the single source of current, up-to-date, authorized and accurate information from NetApp regarding Full Support products and versions.
Advisory ID: NTAP-20220228-0001
Version: 1.0
Last updated: 02/28/2022
Status: Final.
CVEs: CVE-2022-23234
Summary
SnapCenter versions prior to 4.5 are susceptible to a vulnerability which could allow a local authenticated attacker to discover plaintext HANA credentials.
Impact
Successful exploitation of this vulnerability could lead to disclosure of sensitive information.
Vulnerability scoring details
|
CVE |
Score |
Vector |
|---|---|---|
|
3.3 (LOW) |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N |
Exploitation and public announcements
NetApp is not aware of public discussion regarding this vulnerability.
Subscribe to our free daily newsletter
