What is the CVSS score of CVE-2026-22048?

CVE-2026-22048 has a CVSS 3.1 base score of 7.1 (High). CVSS vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H. EPSS exploitation probability: 0.0%.

Which versions of Azure are affected by CVE-2026-22048?

StorageGRID installations using Microsoft Entra ID for authentication are vulnerable to a Server-Side Request Forgery attack that could allow attackers to access internal systems or sensitive data.

How to fix or mitigate CVE-2026-22048?

Within 24 hours: inventory all StorageGRID deployments and identify instances with SSO/Entra ID enabled; disable Entra ID SSO integration as an interim measure if operationally feasible. Within 7 days: contact NetApp support to confirm affected versions in your environment and request patch availability timeline; implement network segmentation to restrict StorageGRID outbound connections. Within 30 days: apply patches immediately upon availability to versions 11.9.0.12 or 12.0.0.4 or later; re-enable SSO only after patching is complete.

Azure CVE-2026-22048

HIGH

Server-Side Request Forgery (SSRF) (CWE-918)

2026-02-18 security-alert@netapp.com

Azure SSRF

7.1

CVSS 3.1 · NVD

Severity by source

NVD PRIMARY

7.1 HIGH

AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H

Attack Vector

Network

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

Low

Availability

High

Lifecycle Timeline

Analysis Generated

Mar 12, 2026 - 21:55 vuln.today

CVE Published

Feb 18, 2026 - 00:16 nvd

HIGH 7.1

DescriptionCVE.org

StorageGRID (formerly StorageGRID Webscale) versions prior to 11.9.0.12 and 12.0.0.4 with Single Sign-on enabled and configured to use Microsoft Entra ID (formerly Azure AD) as an IdP are susceptible to a Server-Side Request Forgery (SSRF) vulnerability. Successful exploit could allow an authenticated attacker with low privileges to delete configuration data or deny access to some resources.

AnalysisAI

Configuration deletion and resource denial in StorageGRID versions before 11.9.0.12 and 12.0.0.4 stems from an SSRF flaw in Microsoft Entra ID SSO integration, allowing authenticated attackers to manipulate backend requests. Successful exploitation enables deletion of configuration data or denial of access to storage resources despite requiring valid credentials to initiate the attack.

Unlock full vulnerability intelligence

Risk assessment & exploitation conditions
Attack chain visualization
Remediation with exact patch versions
Threat intelligence from 22 sources
Personal watchlist & email alerts

Continue with Google Continue with GitHub

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access

Authenticate as low-privilege user

Exploit

Craft malicious request targeting internal endpoint

Execution

SSRF vulnerability processes request

Impact

Delete configuration data or deny resource access