CVE-2026-22050

Summary

ONTAP versions 9.16.1 prior to 9.16.1P9 and 9.17.1 prior to 9.17.1P2 with snapshot locking enabled are susceptible to a vulnerability which could allow a privileged remote attacker to set the snapshot expiry time to none.

Affected Software

VendorProductVersion RangeStatus
NETAPPONTAP 99.16.1 < 9.16.1P9affected
NETAPPONTAP 99.17.1 < 9.17.1P2affected

Weaknesses

  • 639

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References