Netapp Storagegrid
12 CVEs affecting Netapp Storagegrid. Latest disclosed: 2025-09-19. Critical: 1, High: 5.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2017-3167 | Critical | 9.8 | 2017-06-20 | In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, use of the ap_get_basic_auth_pw() by third-party modules outside of the authentication phase may l… |
CVE-2025-26515 | High | 7.5 | 2025-09-19 | StorageGRID (formerly StorageGRID Webscale) versions prior to 11.8.0.15 and 11.9.0.8 without Single Sign-on enabled are susceptible to a Server-Side Request… |
CVE-2022-0778 | High | 7.5 | 2022-03-15 | The BN_mod_sqrt() function, which computes a modular square root, contains a bug that can cause it to loop forever for non-prime moduli. Internally this functi… |
CVE-2016-10708 | High | 7.5 | 2018-01-21 | sshd in OpenSSH before 7.4 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an out-of-sequence NEWKEYS mess… |
CVE-2016-8610 | High | 7.5 | 2017-11-13 | A denial of service flaw was found in OpenSSL 0.9.8, 1.0.1, 1.0.2 through 1.0.2h, and 1.1.0 in the way the TLS/SSL protocol defined processing of ALERT packets… |
CVE-2017-7668 | High | 7.5 | 2017-06-20 | The HTTP strict parsing changes added in Apache httpd 2.2.32 and 2.4.24 introduced a bug in token list parsing, which allows ap_find_token() to search past the… |
CVE-2024-21983 | Medium | 6.5 | 2024-02-16 | StorageGRID (formerly StorageGRID Webscale) versions prior to 11.8 are susceptible to a Denial of Service (DoS) vulnerability. Successful exploit by an authe… |
CVE-2025-26514 | Medium | 6.4 | 2025-09-19 | StorageGRID (formerly StorageGRID Webscale) versions prior to 11.8.0.15 and 11.9.0.8 are susceptible to a Reflected Cross-Site Scripting vulnerability. Succ… |
CVE-2024-21984 | Medium | 5.9 | 2024-02-16 | StorageGRID (formerly StorageGRID Webscale) versions prior to 11.8 are susceptible to a difficult to exploit Reflected Cross-Site Scripting (XSS) vulnerabili… |
CVE-2025-26517 | Medium | 5.4 | 2025-09-19 | StorageGRID (formerly StorageGRID Webscale) versions prior to 11.8.0.15 and 11.9.0.8 are susceptible to a privilege escalation vulnerability. Successful expl… |
CVE-2025-26516 | Medium | 5.3 | 2025-09-19 | StorageGRID (formerly StorageGRID Webscale) versions prior to 11.8.0.15 and 11.9.0.8 are susceptible to a Denial of Service vulnerability. Successful exploit… |
CVE-2024-21994 | Medium | 4.3 | 2024-11-08 | StorageGRID (formerly StorageGRID Webscale) versions prior to 11.9 are susceptible to a Denial of Service (DoS) vulnerability. Successful exploit by an authent… |