Active IQ OneCollect 2.7.3 Hard-Coded Creds Enable Low-Priv AutoSupport Abuse
CVE-2026-22055 Published on June 3, 2026

Active IQ OneCollect version 2.7.3 contains hard-coded credentials that could allow an authenticated attacker with low privileges to perform unauthorized AutoSupport operations.

Vendor Advisory NVD

Weakness Type

Use of Hard-coded Password

The software contains a hard-coded password, which it uses for its own inbound authentication or for outbound communication to external components.

Affected Versions

NETAPP Active IQ OneCollect Version 2.7.3 is affected by CVE-2026-22055

Exploit Probability

EPSS

0.04%

Percentile

11.91%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

Active IQ OneCollect 2.7.3 Hard-Coded Creds Enable Low-Priv AutoSupport AbuseCVE-2026-22055 Published on June 3, 2026

Weakness Type

Use of Hard-coded Password

Affected Versions

Exploit Probability

Active IQ OneCollect 2.7.3 Hard-Coded Creds Enable Low-Priv AutoSupport Abuse
CVE-2026-22055 Published on June 3, 2026