How to fix CVE-2024-22216?

Within 7 days: Identify all affected systems and apply vendor patches promptly. Monitor vendor channels for patch availability.

Is Maxview Storage Manager affected by CVE-2024-22216?

CVE-2024-22216 presents critical security risk, a improper access control vulnerability rated CVSS 10.0. Successful exploitation could critically impact the confidentiality, integrity, and availability of affected systems.

Maxview Storage Manager CVE-2024-22216

CRITICAL

Improper Access Control (CWE-284)

2024-01-08 [email protected]

Authentication Bypass Information Disclosure Maxview Storage Manager

10.0

CVSS 3.1

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Changed

Confidentiality

High

Integrity

High

Availability

High

Lifecycle Timeline

Analysis Generated

Mar 28, 2026 - 19:34 vuln.today

CVE Published

Jan 08, 2024 - 07:15 nvd

CRITICAL 10.0

DescriptionNVD

In default installations of Microchip maxView Storage Manager (for Adaptec Smart Storage Controllers) where Redfish server is configured for remote system management, unauthorized access can occur, with data modification and information disclosure. This affects 3.00.23484 through 4.14.00.26064 (except for the patched versions 3.07.23980 and 4.07.00.25339).

AnalysisAI

In default installations of Microchip maxView Storage Manager (for Adaptec Smart Storage Controllers) where Redfish server is configured for remote system management, unauthorized access can occur,. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Technical ContextAI

This vulnerability is classified under CWE-284. In default installations of Microchip maxView Storage Manager (for Adaptec Smart Storage Controllers) where Redfish server is configured for remote system management, unauthorized access can occur, with data modification and information disclosure. This affects 3.00.23484 through 4.14.00.26064 (except for the patched versions 3.07.23980 and 4.07.00.25339). Affected products include: Microchip Maxview Storage Manager. Version information: through 4.14.00.26064.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.

CVE-2024-22216 vulnerability details – vuln.today

Back

Maxview Storage Manager CVE-2024-22216

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

AnalysisAI

Technical ContextAI

RemediationAI

Share

External POC / Exploit Code