SnapLock Configured FlexGroups Vulnerability: Arbitrary Modification and Deletion of WORM Data

SnapLock Configured FlexGroups Vulnerability: Arbitrary Modification and Deletion of WORM Data

CVE-2022-23241 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

Clustered Data ONTAP versions 9.11.1 through 9.11.1P2 with SnapLock configured FlexGroups are susceptible to a vulnerability which could allow an authenticated remote attacker to arbitrarily modify or delete WORM data prior to the end of the retention period.

Learn more about our Web Application Penetration Testing UK.