Active IQ Unified Manager for VMware vSphere, Linux, and Microsoft Windows versions prior to 9.11P1 are susceptible to a vulnerability which allows administrative users to perform a Stored Cross-Site Scripting (XSS) attack.
References
| Link | Resource |
|---|---|
| https://security.netapp.com/advisory/ntap-20220901-0001/ | Third Party Advisory |
| https://security.netapp.com/advisory/ntap-20220901-0001/ | Third Party Advisory |
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 06:48
| Type | Values Removed | Values Added |
|---|---|---|
| References | () https://security.netapp.com/advisory/ntap-20220901-0001/ - Third Party Advisory |
10 Mar 2023, 15:49
| Type | Values Removed | Values Added |
|---|---|---|
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 4.8 |
| References | (MISC) https://security.netapp.com/advisory/ntap-20220901-0001/ - Third Party Advisory | |
| CWE | CWE-79 | |
| CPE | cpe:2.3:a:netapp:active_iq_unified_manager:*:*:*:*:*:vmware_vsphere:*:* cpe:2.3:a:netapp:active_iq_unified_manager:*:*:*:*:*:linux:*:* cpe:2.3:a:netapp:active_iq_unified_manager:*:*:*:*:*:windows:*:* |
01 Mar 2023, 13:45
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2023-02-28 23:15
Updated : 2024-11-21 06:48
NVD link : CVE-2022-23239
Mitre link : CVE-2022-23239
CVE.ORG link : CVE-2022-23239
JSON object : View
Products Affected
netapp
- active_iq_unified_manager
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')