CVE-2018-5495
CRITICALNetApp StorageGRID Webscale - Unauthenticated HTTP Communication and Service Takeover
Title source: llmDescription
All StorageGRID Webscale versions are susceptible to a vulnerability which could permit an unauthenticated attacker to communicate with systems on the same network as the StorageGRID Webscale Admin Node via HTTP or to take over services on the Admin Node.
References (1)
Core 1
Core References
Vendor Advisory x_refsource_confirm
https://security.netapp.com/advisory/ntap-20181114-0001/
Scores
CVSS v3
9.8
EPSS
0.0073
EPSS Percentile
73.0%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
Status
published
Products (1)
netapp/storagegrid_webscale
Published
Nov 14, 2018
Tracked Since
Feb 18, 2026