NuytsTech Security

CVE-2025-26515

by ·

StorageGRID (formerly
StorageGRID Webscale) versions prior to 11.8.0.15 and 11.9.0.8 without
Single Sign-on enabled are susceptible to a Server-Side Request Forgery
(SSRF) vulnerability. Successful exploit could allow an unauthenticated
attacker to change the password of any Grid Manager or Tenant Manager
non-federated user.

More information : https://security.netapp.com/advisory/NTAP-20250910-0002

Tags: