CVE-2026-22048
HIGHCVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
Lifecycle Timeline
2Description
StorageGRID (formerly StorageGRID Webscale) versions prior to 11.9.0.12 and 12.0.0.4 with Single Sign-on enabled and configured to use Microsoft Entra ID (formerly Azure AD) as an IdP are susceptible to a Server-Side Request Forgery (SSRF) vulnerability. Successful exploit could allow an authenticated attacker with low privileges to delete configuration data or deny access to some resources.
Analysis
Configuration deletion and resource denial in StorageGRID versions before 11.9.0.12 and 12.0.0.4 stems from an SSRF flaw in Microsoft Entra ID SSO integration, allowing authenticated attackers to manipulate backend requests. Successful exploitation enables deletion of configuration data or denial of access to storage resources despite requiring valid credentials to initiate the attack.
Sign in for full analysis, threat intelligence, and remediation guidance.
Remediation
Within 24 hours: inventory all StorageGRID deployments and identify instances with SSO/Entra ID enabled; disable Entra ID SSO integration as an interim measure if operationally feasible. Within 7 days: contact NetApp support to confirm affected versions in your environment and request patch availability timeline; implement network segmentation to restrict StorageGRID outbound connections. …
Sign in for detailed remediation steps.
Priority Score
Share
External POC / Exploit Code
Leaving vuln.today