NotCVE - vendor:"Netapp" product:"Storagegrid" version:" >= 11.5.0

Page 2 of 7 results (0.006 seconds)

CVSS: 4.9EPSS: 0%CPEs: 1EXPL: 0

CVE-2022-23232

https://notcve.org/view.php?id=CVE-2022-23232

StorageGRID (formerly StorageGRID Webscale) versions prior to 11.6.0 are susceptible to a vulnerability which when successfully exploited could allow disabled, expired, or locked external user accounts to access S3 data to which they previously had access. StorageGRID 11.6.0 obtains the user account status from Active Directory or Azure and will block S3 access for disabled user accounts during the subsequent background synchronization. User accounts that are expired or locked for Active Directory or Azure, or user accounts that are disabled, expired, or locked in identity sources other than Active Directory or Azure must be manually removed from group memberships or have their S3 keys manually removed from Tenant Manager in all versions of StorageGRID (formerly StorageGRID Webscale). StorageGRID (anteriormente conocido como StorageGRID Webscale) versiones anteriores a 11.6.0, son susceptibles a una vulnerabilidad que, cuando es explotada con éxito, podría permitir que las cuentas de usuarios externos deshabilitadas, caducadas o bloqueadas accedan a los datos de S3 a los que presentaban acceso anteriormente. StorageGRID versión 11.6.0 obtiene el estado de la cuenta de usuario desde Active Directory o Azure y bloqueará el acceso a S3 de las cuentas de usuario deshabilitadas durante la posterior sincronización en segundo plano. • https://security.netapp.com/advisory/NTAP-20220303-0009 •

CVSS: 4.4EPSS: 0%CPEs: 1EXPL: 0

CVE-2021-27006

https://notcve.org/view.php?id=CVE-2021-27006

StorageGRID (formerly StorageGRID Webscale) versions 11.5 prior to 11.5.0.5 are susceptible to a vulnerability which may allow an administrative user to escalate their privileges and modify settings in SANtricity System Manager. StorageGRID (anteriormente StorageGRID Webscale) versiones 11.5 anteriores a 11.5.0.5, son susceptibles a una vulnerabilidad que puede permitir a un usuario administrativo escalar sus privilegios y modificar la configuración en SANtricity System Manager • https://security.netapp.com/advisory/ntap-20211221-0001 •

1 2