Vulnerability Details CVE-2025-26515
StorageGRID (formerly
StorageGRID Webscale) versions prior to 11.8.0.15 and 11.9.0.8 without
Single Sign-on enabled are susceptible to a Server-Side Request Forgery
(SSRF) vulnerability. Successful exploit could allow an unauthenticated
attacker to change the password of any Grid Manager or Tenant Manager
non-federated user.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 6.3%
CVSS Severity
CVSS v3 Score 7.5
Products affected by CVE-2025-26515
-
cpe:2.3:a:netapp:storagegrid:-
-
cpe:2.3:a:netapp:storagegrid:10.0.0
-
cpe:2.3:a:netapp:storagegrid:11.1.1.10
-
cpe:2.3:a:netapp:storagegrid:11.1.1.11
-
cpe:2.3:a:netapp:storagegrid:11.2
-
cpe:2.3:a:netapp:storagegrid:11.2.0.5
-
cpe:2.3:a:netapp:storagegrid:11.2.0.6
-
cpe:2.3:a:netapp:storagegrid:11.2.0.7
-
cpe:2.3:a:netapp:storagegrid:11.2.0.8
-
cpe:2.3:a:netapp:storagegrid:11.3
-
cpe:2.3:a:netapp:storagegrid:11.3.0.1
-
cpe:2.3:a:netapp:storagegrid:11.3.0.10
-
cpe:2.3:a:netapp:storagegrid:11.3.0.11
-
cpe:2.3:a:netapp:storagegrid:11.3.0.12
-
cpe:2.3:a:netapp:storagegrid:11.3.0.3
-
cpe:2.3:a:netapp:storagegrid:11.3.0.4
-
cpe:2.3:a:netapp:storagegrid:11.3.0.5
-
cpe:2.3:a:netapp:storagegrid:11.3.0.6
-
cpe:2.3:a:netapp:storagegrid:11.3.0.8
-
cpe:2.3:a:netapp:storagegrid:11.4.0
-
cpe:2.3:a:netapp:storagegrid:11.4.0.1
-
cpe:2.3:a:netapp:storagegrid:11.4.0.2
-
cpe:2.3:a:netapp:storagegrid:11.4.0.3
-
cpe:2.3:a:netapp:storagegrid:11.4.0.4
-
cpe:2.3:a:netapp:storagegrid:11.4.0.5
-
cpe:2.3:a:netapp:storagegrid:11.4.0.6
-
cpe:2.3:a:netapp:storagegrid:11.5.0
-
cpe:2.3:a:netapp:storagegrid:11.5.0.1
-
cpe:2.3:a:netapp:storagegrid:11.5.0.2
-
cpe:2.3:a:netapp:storagegrid:11.5.0.3
-
cpe:2.3:a:netapp:storagegrid:11.5.0.4
-
cpe:2.3:a:netapp:storagegrid:11.5.0.5
-
cpe:2.3:a:netapp:storagegrid:11.6.0
-
cpe:2.3:a:netapp:storagegrid:11.6.0.13
-
cpe:2.3:a:netapp:storagegrid:11.7.0
-
cpe:2.3:a:netapp:storagegrid:11.7.0.3
-
cpe:2.3:a:netapp:storagegrid:11.7.0.4
-
cpe:2.3:a:netapp:storagegrid:11.7.0.5
-
cpe:2.3:a:netapp:storagegrid:11.7.0.6
-
cpe:2.3:a:netapp:storagegrid:11.7.0.8
-
cpe:2.3:a:netapp:storagegrid:11.7.0.9
-
cpe:2.3:a:netapp:storagegrid:11.8.0
-
cpe:2.3:a:netapp:storagegrid:11.8.0.1
-
cpe:2.3:a:netapp:storagegrid:11.8.0.11
-
cpe:2.3:a:netapp:storagegrid:11.8.0.12
-
cpe:2.3:a:netapp:storagegrid:11.8.0.13
-
cpe:2.3:a:netapp:storagegrid:11.8.0.14
-
cpe:2.3:a:netapp:storagegrid:11.8.0.2
-
cpe:2.3:a:netapp:storagegrid:11.8.0.3
-
cpe:2.3:a:netapp:storagegrid:11.8.0.5
-
cpe:2.3:a:netapp:storagegrid:11.8.0.6
-
cpe:2.3:a:netapp:storagegrid:11.8.0.7
-
cpe:2.3:a:netapp:storagegrid:11.8.0.8
-
cpe:2.3:a:netapp:storagegrid:11.8.0.9
-
cpe:2.3:a:netapp:storagegrid:11.9.0
-
cpe:2.3:a:netapp:storagegrid:11.9.0.1
-
cpe:2.3:a:netapp:storagegrid:11.9.0.2
-
cpe:2.3:a:netapp:storagegrid:11.9.0.3
-
cpe:2.3:a:netapp:storagegrid:11.9.0.4
-
cpe:2.3:a:netapp:storagegrid:11.9.0.5
-
cpe:2.3:a:netapp:storagegrid:11.9.0.6
-
cpe:2.3:a:netapp:storagegrid:11.9.0.7
-
cpe:2.3:a:netapp:storagegrid:7.5.5
-
cpe:2.3:a:netapp:storagegrid:8.0.6
-
cpe:2.3:a:netapp:storagegrid:8.1.3
-
cpe:2.3:a:netapp:storagegrid:8.5.0
-
cpe:2.3:a:netapp:storagegrid:8.5.1
-
cpe:2.3:a:netapp:storagegrid:8.5.3
-
cpe:2.3:a:netapp:storagegrid:9.0.0
-
cpe:2.3:a:netapp:storagegrid:9.0.1
-
cpe:2.3:a:netapp:storagegrid:9.0.2
-
cpe:2.3:a:netapp:storagegrid:9.0.4