N/A

StorageGRID (formerly StorageGRID Webscale) versions prior to 11.6.0 are susceptible to a vulnerability which when successfully exploited could allow disabled, expired, or locked external user accounts to access S3 data to which they previously had access. StorageGRID 11.6.0 obtains the user account status from Active Directory or Azure and will block S3 access for disabled user accounts during the subsequent background synchronization. User accounts that are expired or locked for Active Directory or Azure, or user accounts that are disabled, expired, or locked in identity sources other than Active Directory or Azure must be manually removed from group memberships or have their S3 keys manually removed from Tenant Manager in all versions of StorageGRID (formerly StorageGRID Webscale).

N/A

N/A

Netapp StorageGRID 授权问题漏洞

Netapp StorageGRID是美国NetApp（Netapp）公司的一套对象存储解决方案。 StorageGRID（以前称为 StorageGRID Webscale）11.6.0 之前的版本存在安全漏洞，该漏洞可能会允许禁用、过期或锁定的外部用户帐户访问他们之前有权访问的 S3 数据。

N/A

N/A