CVE-2024-21983

StorageGRID (formerly StorageGRID Webscale) versions prior to 11.8 are susceptible to a Denial of Service (DoS) vulnerability. Successful exploit by an authenticated attacker could lead to an out of memory condition or node reboot.

CVSS v3 6.5 MEDIUM

6.5^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 2.8 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://security.netapp.com/advisory/ntap-20240216-0012/

Configurations

No configuration.

History

20 Feb 2024, 19:51

Type	Values Removed	Values Added
Summary		(es) Las versiones de StorageGRID (anteriormente StorageGRID Webscale) anteriores a la 11.8 son susceptibles a una vulnerabilidad de denegación de servicio (DoS). La explotación exitosa por parte de un atacante autenticado podría provocar una condición de falta de memoria o el reinicio del nodo.

16 Feb 2024, 23:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-02-16 23:15

Updated : 2024-02-20 19:51

NVD link : CVE-2024-21983

Mitre link : CVE-2024-21983

CVE.ORG link : CVE-2024-21983

JSON object : View

Products Affected

No product.

CWE

CWE-248

Uncaught Exception

6.5 /10