Vulnerability in Netapp Active Iq Onecollect

CVE-2026-22055

Active IQ OneCollect version 2.7.3 contains hard-coded credentials that could allow an authenticated attacker with low privileges to perform unauthorized AutoSupport operations.

EPSS: 0.000 (13.0th percentile) — read the EPSS interpretation.

Affected products

Netapp Active Iq Onecollect — versions 2.7.3

Weakness classification (CWE)

CWE-259 — Use of Hard-coded Password

References

security-alert@netapp.com (vendor-advisory)