CVE-2022-23241

Clustered Data ONTAP versions 9.11.1 through 9.11.1P2 with SnapLock configured FlexGroups are susceptible to a vulnerability which could allow an authenticated remote attacker to arbitrarily modify or delete WORM data prior to the end of the retention period.

Published: Oct 19, 2022
Updated: Apr 14, 2023
CVE: CVE-2022-23241
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 8.1
AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
netapp / clustered_data_ontap	9.11.1-rc1	9.11.1-rc1.x
netapp / clustered_data_ontap	9.11.1-p2	9.11.1-p2.x
netapp / clustered_data_ontap	9.11.1	9.11.1.x

https://security.netapp.com/advisory/ntap-20221017-0001/

Vulnerability Database

289,599

CVE-2022-23241