First published: Fri May 12 2023(Updated: )
SnapCenter versions 4.7 prior to 4.7P2 and 4.8 prior to 4.8P1 are susceptible to a vulnerability which could allow a remote unauthenticated attacker to gain access as an admin user.
Credit: security-alert@netapp.com
Affected Software | Affected Version | How to fix |
---|---|---|
Netapp Snapcenter | =4.7 | |
Netapp Snapcenter | =4.7-p1 | |
Netapp Snapcenter | =4.8 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2023-1096 is a vulnerability in SnapCenter versions 4.7 prior to 4.7P2 and 4.8 prior to 4.8P1 that allows a remote unauthenticated attacker to gain access as an admin user.
CVE-2023-1096 has a severity rating of 9.8 out of 10, indicating a critical vulnerability.
SnapCenter versions 4.7 prior to 4.7P2 and 4.8 prior to 4.8P1 are affected by CVE-2023-1096.
An attacker can exploit CVE-2023-1096 by sending malicious requests to the vulnerable SnapCenter versions, allowing them to gain access as an admin user.
Yes, Netapp has released patches to address CVE-2023-1096. It is recommended to update to SnapCenter versions 4.7P2 or 4.8P1 to mitigate the vulnerability.