NetApp ONTAP 9.16.1 < 9.16.1P9 / 9.17.1 < 9.17.1P2 Locked Snapshot Vulnerability (NTAP-20260112-0001)

medium Nessus Plugin ID 286267

Synopsis

The remote host is affected by a Locked Snapshot vulnerability.

Description

The version of NetApp ONTAP running on the remote host is 9.16.1 prior to 9.16.1P9 or 9.17.1 prior to 9.17.1P2. It is, therefore, affected by a Locked Snapshot vulnerability as detailed in the NTAP-20260112-0001 advisory.

- ONTAP versions 9.16.1 prior to 9.16.1P9 and 9.17.1 prior to 9.17.1P2 with snapshot locking enabled are susceptible to a vulnerability which could allow a privileged remote attacker to set the snapshot expiry time to none. (CVE-2026-22050)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Upgrade to NetApp ONTAP version 9.16.1P9, 9.17.1P2, or later.

See Also

https://security.netapp.com/advisory/NTAP-20260112-0001/

Plugin Details

Severity: Medium

ID: 286267

File Name: netapp_ontap_NTAP-20260112-0001.nasl

Version: 1.1

Type: local

Family: Misc.

Published: 1/15/2026

Updated: 1/15/2026

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Low

Score: 3.4

CVSS v2

Risk Factor: Medium

Base Score: 6.8

Vector: CVSS2#AV:N/AC:L/Au:S/C:N/I:C/A:N

CVSS Score Source: CVE-2026-22050

CVSS v3

Risk Factor: Medium

Base Score: 4.9

Vector: CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N

CVSS v4

Risk Factor: Medium

Base Score: 6.9

Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N

Vulnerability Information

CPE: cpe:/o:netapp:data_ontap

Required KB Items: Host/NetApp/ONTAP/display_version

Exploit Ease: No known exploits are available

Patch Publication Date: 1/12/2026

Vulnerability Publication Date: 1/12/2026

Reference Information

CVE: CVE-2026-22050