StorageGRID 11.6.x DoS: LDR Service Crash Vulnerability
CVE-2023-27318 Published on February 5, 2024
Denial of Service Vulnerability in StorageGRID (formerly StorageGRID Webscale)
StorageGRID (formerly StorageGRID Webscale) versions 11.6.0 through
11.6.0.13 are susceptible to a Denial of Service (DoS) vulnerability. A
successful exploit could lead to a crash of the Local Distribution
Router (LDR) service.
Vulnerability Analysis
CVE-2023-27318 is exploitable with network access, and requires small amount of user privileges. This vulnerability is considered to have a low attack complexity. The potential impact of an exploit of this vulnerability is considered to have no impact on confidentiality and integrity, and a high impact on availability.
Weakness Type
Uncaught Exception
An exception is thrown from a function, but it is not caught. When an exception is not caught, it may cause the program to crash or expose sensitive information.
Products Associated with CVE-2023-27318
Want to know whenever a new CVE is published for NetApp Storagegrid? stack.watch will email you.
Affected Versions
NetApp StorageGRID (formerly StorageGRID Webscale) :- Version 11.6.0, <= 11.6.0.13 is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.