Vulnerabilites related to NetApp - StorageGRID Webscale
CVE-2018-5495 (GCVE-0-2018-5495)
Vulnerability from cvelistv5
Published
2018-11-14 19:00
Modified
2024-08-05 05:40
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
All StorageGRID Webscale versions are susceptible to a vulnerability which could permit an unauthenticated attacker to communicate with systems on the same network as the StorageGRID Webscale Admin Node via HTTP or to take over services on the Admin Node.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| NetApp | StorageGRID Webscale |
Version: All |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T05:40:50.566Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20181114-0001/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "StorageGRID Webscale",
"vendor": "NetApp",
"versions": [
{
"status": "affected",
"version": "All"
}
]
}
],
"datePublic": "2018-11-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "All StorageGRID Webscale versions are susceptible to a vulnerability which could permit an unauthenticated attacker to communicate with systems on the same network as the StorageGRID Webscale Admin Node via HTTP or to take over services on the Admin Node."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-11-14T18:57:01",
"orgId": "11fdca00-0482-4c88-a206-37f9c182c87d",
"shortName": "netapp"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20181114-0001/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-alert@netapp.com",
"ID": "CVE-2018-5495",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "StorageGRID Webscale",
"version": {
"version_data": [
{
"version_value": "All"
}
]
}
}
]
},
"vendor_name": "NetApp"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "All StorageGRID Webscale versions are susceptible to a vulnerability which could permit an unauthenticated attacker to communicate with systems on the same network as the StorageGRID Webscale Admin Node via HTTP or to take over services on the Admin Node."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://security.netapp.com/advisory/ntap-20181114-0001/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20181114-0001/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "11fdca00-0482-4c88-a206-37f9c182c87d",
"assignerShortName": "netapp",
"cveId": "CVE-2018-5495",
"datePublished": "2018-11-14T19:00:00",
"dateReserved": "2018-01-12T00:00:00",
"dateUpdated": "2024-08-05T05:40:50.566Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}