Headline
CVE-2022-23236: CVE-2022-23236 Information Disclosure Vulnerability in E-Series SANtricity OS Controller Software 11.x
E-Series SANtricity OS Controller Software versions 11.40 through 11.70.2 store the LDAP BIND password in plaintext within a file accessible only to privileged users.
- Home
- Advisory
- CVE-2022-23236 Information Disclosure Vulnerability in E-Series SANtricity OS Controller Software 11.x
circle-check-alt This advisory should be considered the single source of current, up-to-date, authorized and accurate information from NetApp regarding Full Support products and versions.
Advisory ID: NTAP-20220527-0001 Version: 1.0 Last updated: 05/27/2022 Status: Final. CVEs: CVE-2022-23236
This document is provided solely for informational purposes. All information is based upon NetApp’s current knowledge and understanding of the hardware and software products tested by NetApp, and the methodology and assumptions used by NetApp. NetApp is not responsible for any errors or omissions that may be contained herein, and no warranty, representation, or other legal commitment or obligation is being provided by NetApp. © 2022 NetApp, Inc. All rights reserved. No portions of this document may be reproduced without prior written consent of NetApp, Inc.