CVE-2022-23241

Summary

Clustered Data ONTAP versions 9.11.1 through 9.11.1P2 with SnapLock configured FlexGroups are susceptible to a vulnerability which could allow an authenticated remote attacker to arbitrarily modify or delete WORM data prior to the end of the retention period.

Affected Software

VendorProductVersion RangeStatus
n/aClustered Data ONTAP9.11.1 through 9.11.1P2affected

Weaknesses

  • Arbitrary Data Modification

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References