CVE-2026-22051

Summary

StorageGRID (formerly StorageGRID Webscale) versions prior to 11.9.0.13 and 12.0.0.6 are susceptible to a Information Disclosure vulnerability. Successful exploit could allow an authenticated attacker with low privileges to run arbitrary metrics queries, revealing metric results that they do not have access to.

Affected Software

VendorProductVersion RangeStatus
NETAPPStorageGRID (formerly StorageGRID Webscale)0 < 11.9.0.13affected
NETAPPStorageGRID (formerly StorageGRID Webscale)0 < 12.0.0.6affected

Weaknesses

  • 213

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References