CVE-2022-23241
First published: Wed Oct 19 2022(Updated: )
Clustered Data ONTAP versions 9.11.1 through 9.11.1P2 with SnapLock configured FlexGroups are susceptible to a vulnerability which could allow an authenticated remote attacker to arbitrarily modify or delete WORM data prior to the end of the retention period.
Credit: security-alert@netapp.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| NetApp Clustered Data ONTAP | =9.11.1 | |
| NetApp Clustered Data ONTAP | =9.11.1-p2 | |
| NetApp Clustered Data ONTAP | =9.11.1-rc1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this vulnerability?
The vulnerability ID is CVE-2022-23241.
What is the severity of CVE-2022-23241?
The severity of CVE-2022-23241 is high.
Which versions of Clustered Data ONTAP are affected by CVE-2022-23241?
Clustered Data ONTAP versions 9.11.1 through 9.11.1P2 are affected by CVE-2022-23241.
What is the impact of CVE-2022-23241?
CVE-2022-23241 allows an authenticated remote attacker to arbitrarily modify or delete WORM data prior to the end of the retention period.
How can I fix this vulnerability?
Apply the necessary patches or updates provided by NetApp to fix this vulnerability.
- collector/nvd-index
- vendor/netapp
- canonical/netapp clustered data ontap
- version/netapp clustered data ontap/9.11.1
- version/netapp clustered data ontap/9.11.1-p2
- version/netapp clustered data ontap/9.11.1-rc1