Skip to main content

Active Iq Onecollect

1 CVEs product

Monthly

CVE-2026-22055 MEDIUM This Month

Hard-coded credentials embedded in NetApp Active IQ OneCollect 2.7.3 allow any low-privileged authenticated user to perform unauthorized AutoSupport operations beyond their intended authorization scope. The CVSS 4.0 vector (AV:N/AC:L/AT:N/PR:L/UI:N) confirms network-accessible exploitation with low complexity, requiring only a low-privilege account with no special attack conditions. No public exploit has been identified and the vulnerability does not appear in the CISA KEV catalog at time of analysis.

Authentication Bypass Active Iq Onecollect
NVD VulDB
CVSS 4.0
5.3
EPSS
0.0%
EPSS 0% CVSS 5.3
MEDIUM This Month

Hard-coded credentials embedded in NetApp Active IQ OneCollect 2.7.3 allow any low-privileged authenticated user to perform unauthorized AutoSupport operations beyond their intended authorization scope. The CVSS 4.0 vector (AV:N/AC:L/AT:N/PR:L/UI:N) confirms network-accessible exploitation with low complexity, requiring only a low-privilege account with no special attack conditions. No public exploit has been identified and the vulnerability does not appear in the CISA KEV catalog at time of analysis.

Authentication Bypass Active Iq Onecollect
NVD VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy