Beware! SnapCenter Admin Privilege Escalation Vulnerability Affecting NetApp Users

CVECVE-2023-27316
CVSScvssV3_1: 8.8
SourceCVE-2023-27316

The popular data management tool SnapCenter from NetApp is affected by a critical vulnerability that allows authenticated users to gain admin privileges on remote systems.

SnapCenter is used to backup, restore and clone data across physical and virtual environments. It uses plugins installed on remote systems to connect and manage data.

The vulnerability tracked as CVE-2023-27316 with a CVSS score of 8.8 may allow a SnapCenter Server user to exploit a flaw and become an administrator on any remote system where a SnapCenter plugin is installed.

By authenticating to the SnapCenter Server, an attacker could potentially run commands as the admin user on the remote system. This would give them full control over that system.

NetApp users are advised to immediately apply the latest patches for SnapCenter versions 4.8 through 4.9 released by NetApp to fix this privilege escalation vulnerability. Admin users of systems with SnapCenter plugins should also change credentials.

Regularly updating software and using strong unique credentials for admin accounts is recommended to prevent exploitation of such vulnerabilities in the future. Contact NetApp support if you have any other questions.

References