Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2022-23235

Active IQ Unified Manager for VMware vSphere, Linux, and Microsoft Windows versions prior to 9.10P1 are susceptible to a vulnerability which could allow an attacker to discover cluster, node and Active IQ Unified Manager specific information via AutoSupport telemetry data that is sent even when AutoSupport has been disabled.

Published

2022-08-25T18:15:09.703

Last Modified

2024-11-21T06:48:14.460

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 5.3 (MEDIUM)

Weaknesses

Type: Primary
NVD-CWE-noinfo

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	netapp	active_iq_unified_manager	< 9.10	Yes
Application	netapp	active_iq_unified_manager	< 9.10	Yes
Application	netapp	active_iq_unified_manager	< 9.10	Yes
Application	netapp	active_iq_unified_manager	9.10	Yes
Application	netapp	active_iq_unified_manager	9.10	Yes
Application	netapp	active_iq_unified_manager	9.10	Yes

References

https://security.netapp.com/advisory/ntap-20220324-0001/ Patch, Vendor Advisory ([email protected])
https://security.netapp.com/advisory/ntap-20220324-0001/ Patch, Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)