Vulnerabilities > CVE-2021-27006 - Unspecified vulnerability in Netapp Storagegrid

CVSS 4.4 - MEDIUM

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

HIGH

Confidentiality impact

NONE

Integrity impact

HIGH

Availability impact

NONE

local

low complexity

netapp

NVD

Published: 2021-12-23

Updated: 2022-07-12

Summary

StorageGRID (formerly StorageGRID Webscale) versions 11.5 prior to 11.5.0.5 are susceptible to a vulnerability which may allow an administrative user to escalate their privileges and modify settings in SANtricity System Manager.

Vulnerable Configurations

Part	Description	Count
Application	Netapp Netapp Storagegrid 11.5.0 Netapp Storagegrid 11.5.0.1 Netapp Storagegrid 11.5.0.2 Netapp Storagegrid 11.5.0.3 Netapp Storagegrid 11.5.0.4	5

References

https://security.netapp.com/advisory/ntap-20211221-0001/