Vulnerability Details : CVE-2023-1096
SnapCenter versions 4.7 prior to 4.7P2 and 4.8 prior to 4.8P1 are susceptible to a vulnerability which could allow a remote unauthenticated attacker to gain access as an admin user.
Products affected by CVE-2023-1096
- cpe:2.3:a:netapp:snapcenter:4.8:-:*:*:*:*:*:*
- cpe:2.3:a:netapp:snapcenter:4.7:p1:*:*:*:*:*:*
- cpe:2.3:a:netapp:snapcenter:4.7:-:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2023-1096
0.26%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 66 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2023-1096
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
9.8
|
CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
3.9
|
5.9
|
NIST |
References for CVE-2023-1096
-
https://security.netapp.com/advisory/ntap-20230511-0011/
CVE-2023-1096 Authentication Bypass Vulnerability in SnapCenter | NetApp Product SecurityVendor Advisory
Jump to