CVE-2026-22052

Summary

ONTAP versions 9.12.1 and higher with S3 NAS buckets are susceptible to an information disclosure vulnerability. Successful exploit could allow an authenticated attacker to view a listing of the contents in a directory for which they lack permission.

Affected Software

VendorProductVersion RangeStatus
NETAPPONTAP 99.12.1 and higheraffected

Weaknesses

  • 209

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

References