CVE-2022-23238

Summary

Linux deployments of StorageGRID (formerly StorageGRID Webscale) versions 11.6.0 through 11.6.0.2 deployed with a Linux kernel version less than 4.7.0 are susceptible to a vulnerability which could allow a remote unauthenticated attacker to view limited metrics information and modify alert email recipients and content.

Affected Software

VendorProductVersion RangeStatus
n/aStorageGRID (formerly StorageGRID Webscale)11.6.0 through 11.6.0.2affected

Weaknesses

  • Improper Access Control

ADP Enrichment

CVE Program Container

Additional References

References