StorageGRID (formerly StorageGRID Webscale) versions prior to 11.8
are susceptible to a difficult to exploit Reflected Cross-Site Scripting
(XSS) vulnerability. Successful exploit requires the attacker to know
specific information about the target instance and trick a privileged
user into clicking a specially crafted link. This could allow the
attacker to view or modify configuration settings or add or modify user
accounts.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://security.netapp.com/advisory/ntap-20240216-0013/ |
History
Fri, 13 Dec 2024 18:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Netapp
Netapp storagegrid |
|
CPEs | cpe:2.3:a:netapp:storagegrid:*:*:*:*:*:*:*:* | |
Vendors & Products |
Netapp
Netapp storagegrid |
MITRE
Status: PUBLISHED
Assigner: netapp
Published: 2024-02-16T22:37:47.580Z
Updated: 2024-08-01T22:35:34.659Z
Reserved: 2024-01-03T19:45:25.346Z
Link: CVE-2024-21984
Vulnrichment
Updated: 2024-08-01T22:35:34.659Z
NVD
Status : Analyzed
Published: 2024-02-16T23:15:08.050
Modified: 2024-12-13T17:55:08.837
Link: CVE-2024-21984
Redhat
No data.