CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-21994 – CVE-2024-21994 Denial of Service Vulnerability in StorageGRID (formerly StorageGRID Webscale)
https://notcve.org/view.php?id=CVE-2024-21994
08 Nov 2024 — StorageGRID (formerly StorageGRID Webscale) versions prior to 11.9 are susceptible to a Denial of Service (DoS) vulnerability. Successful exploit by an authenticated attacker could lead to a service crash. • https://security.netapp.com/advisory/ntap-20241108-0001 • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 6.9EPSS: 0%CPEs: 1EXPL: 0CVE-2024-21984 – Reflected Cross-Site Scripting Vulnerability in StorageGRID (formerly StorageGRID Webscale)
https://notcve.org/view.php?id=CVE-2024-21984
16 Feb 2024 — StorageGRID (formerly StorageGRID Webscale) versions prior to 11.8 are susceptible to a difficult to exploit Reflected Cross-Site Scripting (XSS) vulnerability. Successful exploit requires the attacker to know specific information about the target instance and trick a privileged user into clicking a specially crafted link. This could allow the attacker to view or modify configuration settings or add or modify user accounts. Las versiones de StorageGRID (anteriormente StorageGRID Webscale) anteriores a la 11... • https://security.netapp.com/advisory/ntap-20240216-0013 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-21983 – Denial of Service Vulnerability in StorageGRID (formerly StorageGRID Webscale)
https://notcve.org/view.php?id=CVE-2024-21983
16 Feb 2024 — StorageGRID (formerly StorageGRID Webscale) versions prior to 11.8 are susceptible to a Denial of Service (DoS) vulnerability. Successful exploit by an authenticated attacker could lead to an out of memory condition or node reboot. Las versiones de StorageGRID (anteriormente StorageGRID Webscale) anteriores a la 11.8 son susceptibles a una vulnerabilidad de denegación de servicio (DoS). La explotación exitosa por parte de un atacante autenticado podría provocar una condición de falta de memoria o el reinici... • https://security.netapp.com/advisory/ntap-20240216-0012 • CWE-248: Uncaught Exception •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-38734
https://notcve.org/view.php?id=CVE-2022-38734
02 Mar 2023 — StorageGRID (formerly StorageGRID Webscale) versions prior to 11.6.0.8 are susceptible to a Denial of Service (DoS) vulnerability. A successful exploit could lead to to a crash of the Local Distribution Router (LDR) service. • https://security.netapp.com/advisory/ntap-20230228-0001 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2022-23233
https://notcve.org/view.php?id=CVE-2022-23233
04 Mar 2022 — StorageGRID (formerly StorageGRID Webscale) versions prior to 11.6.0 are susceptible to a vulnerability which when successfully exploited could lead to Denial of Service (DoS) of the Local Distribution Router (LDR) service. StorageGRID (anteriormente conocido como StorageGRID Webscale) versiones anteriores a 11.6.0, son susceptibles a una vulnerabilidad que, cuando es explotada con éxito, podría conllevar a una denegación de servicio (DoS) del servicio del router de distribución local (LDR) • https://security.netapp.com/advisory/NTAP-20220303-0010 •
CVSS: 4.9EPSS: 0%CPEs: 1EXPL: 0CVE-2022-23232
https://notcve.org/view.php?id=CVE-2022-23232
04 Mar 2022 — StorageGRID (formerly StorageGRID Webscale) versions prior to 11.6.0 are susceptible to a vulnerability which when successfully exploited could allow disabled, expired, or locked external user accounts to access S3 data to which they previously had access. StorageGRID 11.6.0 obtains the user account status from Active Directory or Azure and will block S3 access for disabled user accounts during the subsequent background synchronization. User accounts that are expired or locked for Active Directory or Azure,... • https://security.netapp.com/advisory/NTAP-20220303-0009 •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2020-8571
https://notcve.org/view.php?id=CVE-2020-8571
13 Mar 2020 — StorageGRID (formerly StorageGRID Webscale) versions 10.0.0 through 11.3 prior to 11.2.0.8 and 11.3.0.4 are susceptible to a vulnerability which allows an unauthenticated remote attacker to cause a Denial of Service (DoS). StorageGRID (anteriormente StorageGRID Webscale) versiones 10.0.0 hasta 11.3 anteriores a 11.2.0.8 y versión 11.3.0.4, son susceptibles a una vulnerabilidad que permite a un atacante remoto no autenticado causar una Denegación de Servicio (DoS). • https://security.netapp.com/advisory/ntap-20200313-0005 •