CVE-2022-38733

CWE-287Improper Authentication3 documents3 sources
Severity
8.6HIGH
EPSS
0.4%
top 40.55%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Netapp Oncommand Insight
Timeline
PublishedDec 20

Description

OnCommand Insight versions 7.3.1 through 7.3.14 are susceptible to an authentication bypass vulnerability in the Data Warehouse component.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:HExploitability: 3.9 | Impact: 4.7

Affected Packages2 packages

NVDnetapp/oncommand_insight7.3.17.3.14
CVEListV5oncommand_insight7.3.1 through 7.3.14

🔴Vulnerability Details

2
CVEList
CVE-2022-38733: OnCommand Insight versions 72022-12-20
GHSA
GHSA-7qjh-9xmf-42f9: OnCommand Insight versions 72022-12-20
CVE-2022-38733 (HIGH CVSS 8.6) | OnCommand Insight versions 7.3.1 th | cvebase.io