CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-21994 – CVE-2024-21994 Denial of Service Vulnerability in StorageGRID (formerly StorageGRID Webscale)
https://notcve.org/view.php?id=CVE-2024-21994
08 Nov 2024 — StorageGRID (formerly StorageGRID Webscale) versions prior to 11.9 are susceptible to a Denial of Service (DoS) vulnerability. Successful exploit by an authenticated attacker could lead to a service crash. • https://security.netapp.com/advisory/ntap-20241108-0001 • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 6.9EPSS: 0%CPEs: 1EXPL: 0CVE-2024-21984 – Reflected Cross-Site Scripting Vulnerability in StorageGRID (formerly StorageGRID Webscale)
https://notcve.org/view.php?id=CVE-2024-21984
16 Feb 2024 — StorageGRID (formerly StorageGRID Webscale) versions prior to 11.8 are susceptible to a difficult to exploit Reflected Cross-Site Scripting (XSS) vulnerability. Successful exploit requires the attacker to know specific information about the target instance and trick a privileged user into clicking a specially crafted link. This could allow the attacker to view or modify configuration settings or add or modify user accounts. Las versiones de StorageGRID (anteriormente StorageGRID Webscale) anteriores a la 11... • https://security.netapp.com/advisory/ntap-20240216-0013 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-21983 – Denial of Service Vulnerability in StorageGRID (formerly StorageGRID Webscale)
https://notcve.org/view.php?id=CVE-2024-21983
16 Feb 2024 — StorageGRID (formerly StorageGRID Webscale) versions prior to 11.8 are susceptible to a Denial of Service (DoS) vulnerability. Successful exploit by an authenticated attacker could lead to an out of memory condition or node reboot. Las versiones de StorageGRID (anteriormente StorageGRID Webscale) anteriores a la 11.8 son susceptibles a una vulnerabilidad de denegación de servicio (DoS). La explotación exitosa por parte de un atacante autenticado podría provocar una condición de falta de memoria o el reinici... • https://security.netapp.com/advisory/ntap-20240216-0012 • CWE-248: Uncaught Exception •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-27318 – Denial of Service Vulnerability in StorageGRID (formerly StorageGRID Webscale)
https://notcve.org/view.php?id=CVE-2023-27318
05 Feb 2024 — StorageGRID (formerly StorageGRID Webscale) versions 11.6.0 through 11.6.0.13 are susceptible to a Denial of Service (DoS) vulnerability. A successful exploit could lead to a crash of the Local Distribution Router (LDR) service. Las versiones 11.6.0 a 11.6.0.13 de StorageGRID (anteriormente StorageGRID Webscale) son susceptibles a una vulnerabilidad de denegación de servicio (DoS). Un exploit exitoso podría provocar una falla del servicio Local Distribution Router (LDR). • https://security.netapp.com/advisory/NTAP-20240202-0012 • CWE-248: Uncaught Exception •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-38734
https://notcve.org/view.php?id=CVE-2022-38734
02 Mar 2023 — StorageGRID (formerly StorageGRID Webscale) versions prior to 11.6.0.8 are susceptible to a Denial of Service (DoS) vulnerability. A successful exploit could lead to to a crash of the Local Distribution Router (LDR) service. • https://security.netapp.com/advisory/ntap-20230228-0001 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 6.5EPSS: 0%CPEs: 5EXPL: 0CVE-2022-23238
https://notcve.org/view.php?id=CVE-2022-23238
09 Aug 2022 — Linux deployments of StorageGRID (formerly StorageGRID Webscale) versions 11.6.0 through 11.6.0.2 deployed with a Linux kernel version less than 4.7.0 are susceptible to a vulnerability which could allow a remote unauthenticated attacker to view limited metrics information and modify alert email recipients and content. Las implantaciones en Linux de StorageGRID (anteriormente conocido como StorageGRID Webscale) versiones 11.6.0 hasta 11.6.0.2 implantadas con una versión del kernel de Linux inferior a 4.7.0 ... • https://security.netapp.com/advisory/NTAP-20220808-0001 •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2022-23233
https://notcve.org/view.php?id=CVE-2022-23233
04 Mar 2022 — StorageGRID (formerly StorageGRID Webscale) versions prior to 11.6.0 are susceptible to a vulnerability which when successfully exploited could lead to Denial of Service (DoS) of the Local Distribution Router (LDR) service. StorageGRID (anteriormente conocido como StorageGRID Webscale) versiones anteriores a 11.6.0, son susceptibles a una vulnerabilidad que, cuando es explotada con éxito, podría conllevar a una denegación de servicio (DoS) del servicio del router de distribución local (LDR) • https://security.netapp.com/advisory/NTAP-20220303-0010 •
CVSS: 4.9EPSS: 0%CPEs: 1EXPL: 0CVE-2022-23232
https://notcve.org/view.php?id=CVE-2022-23232
04 Mar 2022 — StorageGRID (formerly StorageGRID Webscale) versions prior to 11.6.0 are susceptible to a vulnerability which when successfully exploited could allow disabled, expired, or locked external user accounts to access S3 data to which they previously had access. StorageGRID 11.6.0 obtains the user account status from Active Directory or Azure and will block S3 access for disabled user accounts during the subsequent background synchronization. User accounts that are expired or locked for Active Directory or Azure,... • https://security.netapp.com/advisory/NTAP-20220303-0009 •