CVE-2024-21993

🔶 medium

SnapCenter versions prior to 5.0p1 are susceptible to a vulnerability which could allow an authenticated attacker to discover plaintext credentials.

CVSS Score

5.7

Medium

EPSS Score

0.1

Exploit Probability

Published Date

2024-07-09

First Seen: 2026-01-05

This CVE is Lower Risk - more severe than 32.9% of all 329,456 vulnerabilities in our database.

#221,102

Below average severity

Severity Percentile

🔍 Exploitation Status

None

No known exploits

⚙️ Automatable

Requires human interaction

💥 Technical Impact

Partial

Limited system impact

SSVC data provided by CISA

Last Modified 2025-03-27

Source NVD 🔗

CVSS Vector 3.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N

CWE IDs (Weakness Types)

CWE-312

📦 Affected Products 2

Vendor	Product	Status	Affected Versions
netapp	snapcenter	Affected	< 5.0
netapp	snapcenter	Affected	v5.0

Vendor Advisory

CVE ID	Severity	CVSS	EPSS	Summary	Published
CVE-2025-21583	🔶 medium	4.9	0.1	Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Supported versions that are affecte...	2025-04-15
CVE-2025-30722	🔶 medium	5.3	0.1	Vulnerability in the MySQL Client product of Oracle MySQL (component: Client: mysqldump). Supported versions that are a...	2025-04-15
CVE-2025-26512	⛔ critical	9.9	0.1	SnapCenter versions prior to 6.0.1P1 and 6.1P1 are susceptible to a vulnerability which may allow an authenticated Sna...	2025-03-24
CVE-2024-47554	🔶 medium	4.3	0.2	Uncontrolled Resource Consumption vulnerability in Apache Commons IO. The org.apache.commons.io.input.XmlStreamReader c...	2024-10-03
CVE-2024-20993	🔶 medium	4.9	0.2	Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are a...	2024-04-16
CVE-2024-20994	🔶 medium	5.3	0.4	Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Information Schema). Supported versions t...	2024-04-16

These CVEs affect the same products