CVE-2024-21987 – Improper Authorization Vulnerability in SnapCenter
https://notcve.org/view.php?id=CVE-2024-21987
SnapCenter versions 4.8 prior to 5.0 are susceptible to a vulnerability which could allow an authenticated SnapCenter Server user to modify system logging configuration settings Las versiones 4.8 de SnapCenter anteriores a la 5.0 son susceptibles a una vulnerabilidad que podría permitir a un usuario autenticado de SnapCenter Server modificar los ajustes de configuración de registro del sistema. • https://security.netapp.com/advisory/ntap-20240216-0001 • CWE-285: Improper Authorization •
CVE-2023-27316 – Privilege Escalation Vulnerability in SnapCenter
https://notcve.org/view.php?id=CVE-2023-27316
SnapCenter versions 4.8 through 4.9 are susceptible to a vulnerability which may allow an authenticated SnapCenter Server user to become an admin user on a remote system where a SnapCenter plug-in has been installed. Las versiones 4.8 a 4.9 de SnapCenter son susceptibles a una vulnerabilidad que puede permitir que un usuario autenticado de SnapCenter Server se convierta en usuario administrador en un sistema remoto donde se ha instalado un complemento de SnapCenter. • https://security.netapp.com/advisory/NTAP-20231012-0001 https://security.netapp.com/advisory/ntap-20231012-0001 • CWE-269: Improper Privilege Management •
CVE-2023-27313 – Privilege Escalation Vulnerability in SnapCenter
https://notcve.org/view.php?id=CVE-2023-27313
SnapCenter versions 3.x and 4.x prior to 4.9 are susceptible to a vulnerability which may allow an authenticated unprivileged user to gain access as an admin user. Las versiones 3.x y 4.x de SnapCenter anteriores a la 4.9 son susceptibles a una vulnerabilidad que puede permitir que un usuario autenticado sin privilegios obtenga acceso como usuario administrador. • https://security.netapp.com/advisory/ntap-20230713-0002 • CWE-250: Execution with Unnecessary Privileges •
CVE-2023-1096
https://notcve.org/view.php?id=CVE-2023-1096
SnapCenter versions 4.7 prior to 4.7P2 and 4.8 prior to 4.8P1 are susceptible to a vulnerability which could allow a remote unauthenticated attacker to gain access as an admin user. • https://security.netapp.com/advisory/ntap-20230511-0011 •