CVE-2022-23238
First published: Wed Aug 10 2022(Updated: )
Linux deployments of StorageGRID (formerly StorageGRID Webscale) versions 11.6.0 through 11.6.0.2 deployed with a Linux kernel version less than 4.7.0 are susceptible to a vulnerability which could allow a remote unauthenticated attacker to view limited metrics information and modify alert email recipients and content.
Credit: security-alert@netapp.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Netapp Storagegrid | >=11.6.0<11.6.0.3 | |
| Canonical Ubuntu Linux | =16.04 | |
| Centos Centos | =7.9 | |
| Linux Linux kernel | <4.7 | |
| Redhat Enterprise Linux Server | =7.9 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this issue?
The vulnerability ID for this issue is CVE-2022-23238.
Which versions of StorageGRID are affected by this vulnerability?
Linux deployments of StorageGRID versions 11.6.0 through 11.6.0.2 are affected by this vulnerability.
What is the severity of CVE-2022-23238?
The severity of CVE-2022-23238 is medium, with a CVSS score of 6.5.
How can a remote unauthenticated attacker exploit this vulnerability?
A remote unauthenticated attacker can exploit this vulnerability to view limited metrics information and modify alert email recipients.
Is Ubuntu Linux 16.04 vulnerable to CVE-2022-23238?
No, Ubuntu Linux 16.04 is not vulnerable to CVE-2022-23238.
- collector/nvd-index
- agent/type
- vendor/netapp
- canonical/netapp storagegrid
- version/netapp storagegrid/11.6.0
- vendor/canonical
- canonical/canonical ubuntu linux
- version/canonical ubuntu linux/16.04
- vendor/centos
- canonical/centos centos
- version/centos centos/7.9
- vendor/linux
- canonical/linux linux kernel
- vendor/redhat
- canonical/redhat enterprise linux server
- version/redhat enterprise linux server/7.9