CVE-2024-22216
Last modified
CVE-2024-22216 is a critical-severity vulnerability rated 10/10 on the CVSS scale. In default installations of Microchip maxView Storage Manager (for Adaptec Smart Storage Controllers) where Redfish server is configured for remote system management, unauthorized access can occur, with data modification and information disclosure. This affects 3.00.23484 through 4.14.00.26064 (except for the patched versions 3.07.23980 and 4.07.00.25339).. EPSS estimates a 0.53% chance of exploitation in the next 30 days.
Description
In default installations of Microchip maxView Storage Manager (for Adaptec Smart Storage Controllers) where Redfish server is configured for remote system management, unauthorized access can occur, with data modification and information disclosure. This affects 3.00.23484 through 4.14.00.26064 (except for the patched versions 3.07.23980 and 4.07.00.25339).
Metrics
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Microchip | Maxview Storage Manager | >= 3.00.23484, <= 4.14.00.26064 |
References
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2024-22216?
How severe is CVE-2024-22216?
How do I fix CVE-2024-22216?
Are you affected by CVE-2024-22216?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST