CVE-2026-22051 | THREATINT

Description

StorageGRID (formerly StorageGRID Webscale) versions prior to 11.9.0.13 and 12.0.0.6 are susceptible to a Information Disclosure vulnerability. Successful exploit could allow an authenticated attacker with low privileges to run arbitrary metrics queries, revealing metric results that they do not have access to.

PUBLISHED Reserved 2026-01-05 | Published 2026-04-20 | Updated 2026-04-21 | Assigner netapp

LOW: 2.3CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N

Problem types

213

Product status

Default status

unaffected

Any version before 11.9.0.13

affected

Any version before 12.0.0.6

affected

References

security.netapp.com/advisory/ntap-20260420-0001 vendor-advisory

cve.org (CVE-2026-22051)

nvd.nist.gov (CVE-2026-22051)

Download JSON