Overview
- Description
- Linux deployments of StorageGRID (formerly StorageGRID Webscale) versions 11.6.0 through 11.6.0.2 deployed with a Linux kernel version less than 4.7.0 are susceptible to a vulnerability which could allow a remote unauthenticated attacker to view limited metrics information and modify alert email recipients and content.
- Source
- security-alert@netapp.com
- NVD status
- Analyzed
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 6.5
- Impact score
- 2.5
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
- Severity
- MEDIUM
Weaknesses
- nvd@nist.gov
- NVD-CWE-noinfo
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netapp:storagegrid:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F0D98A33-61A2-4D8D-A43F-96765DFDE68C",
"versionEndExcluding": "11.6.0.3",
"versionStartIncluding": "11.6.0"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "712507AC-DAB8-4FFE-9426-08282919411F"
},
{
"criteria": "cpe:2.3:o:centos:centos:7.9:*:*:*:*:*:x64:*",
"vulnerable": false,
"matchCriteriaId": "2D2B5B32-3969-4C7E-986A-4F7683E116A3"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "5F952CED-2EA6-447E-BE5D-84CEEF065E4C",
"versionEndExcluding": "4.7"
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.9:*:*:*:*:*:x64:*",
"vulnerable": false,
"matchCriteriaId": "F2235A81-D4A7-47F9-9C09-B8EC965F8F4B"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]