CVE-2023-27316

CWE-269Improper Privilege Management4 documents4 sources
Severity
7.8HIGH
EPSS
0.1%
top 73.25%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Netapp Snapcenter
Timeline
PublishedOct 12
Latest updateApr 11

Description

SnapCenter versions 4.8 through 4.9 are susceptible to a vulnerability which may allow an authenticated SnapCenter Server user to become an admin user on a remote system where a SnapCenter plug-in has been installed.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:HExploitability: 2.0 | Impact: 6.0

Affected Packages2 packages

CVEListV5netapp/snapcenter4.84.9
NVDnetapp/snapcenter4.84.9

🔴Vulnerability Details

3
OSV
apache2 vulnerabilities2024-04-11
GHSA
GHSA-c3xg-7w53-6ghf: SnapCenter versions 42023-10-13
CVEList
Privilege Escalation Vulnerability in SnapCenter2023-10-12
CVE-2023-27316 (HIGH CVSS 7.8) | SnapCenter versions 4.8 through 4.9 | cvebase.io