Active IQ Config Advisor <6.7.3 Allows Unpriv AutoSupport via HardCoded Creds
CVE-2026-22054 Published on June 3, 2026

Active IQ Config Advisor version 6.7.3 contains hard-coded credentials that could allow an authenticated attacker with low privileges to perform unauthorized AutoSupport operations.

Vendor Advisory NVD

Weakness Type

Use of Hard-coded Password

The software contains a hard-coded password, which it uses for its own inbound authentication or for outbound communication to external components.

Affected Versions

NETAPP Active IQ Config Advisor Version 6.7.3 is affected by CVE-2026-22054

Exploit Probability

EPSS

0.04%

Percentile

13.02%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

Active IQ Config Advisor <6.7.3 Allows Unpriv AutoSupport via HardCoded CredsCVE-2026-22054 Published on June 3, 2026

Weakness Type

Use of Hard-coded Password

Affected Versions

Exploit Probability

Active IQ Config Advisor <6.7.3 Allows Unpriv AutoSupport via HardCoded Creds
CVE-2026-22054 Published on June 3, 2026