SnapCenter is a unified, scalable platform for application-consistent data protection and clone management. It simplifies backup, restore, and clone lifecycle management processes for enterprise applications, databases, and file systems. SnapCenter provides a centralized interface to manage snapshot copies, backup operations, and data cloning across hybrid cloud environments.

SnapCenter

SnapCenter versions 4.7 prior to 4.7P2 and 4.8 prior to 4.8P1 are susceptible to a vulnerability which could allow a remote unauthenticated attacker to gain access as an admin user.

CVE ID	Severity	Score	Technologies	Component name	CISA KEV exploit	Has fix	Published date
CVE-2025-26512	CRITICAL	9.9	SnapCenter	cpe:2.3:a:netapp:snapcenter	No	Yes	Mar 24, 2025
CVE-2023-27313	HIGH	8.8	SnapCenter	cpe:2.3:a:netapp:snapcenter	No	Yes	Oct 12, 2023
CVE-2023-27316	HIGH	7.8	SnapCenter	cpe:2.3:a:netapp:snapcenter	No	No	Oct 12, 2023
CVE-2024-21993	MEDIUM	6.5	SnapCenter	cpe:2.3:a:netapp:snapcenter	No	No	Jul 09, 2024
CVE-2024-21987	MEDIUM	5.4	SnapCenter	cpe:2.3:a:netapp:snapcenter	No	Yes	Feb 16, 2024

CVE-2023-1096:
SnapCenter vulnerability analysis and mitigation

9.8

Related SnapCenter vulnerabilities:

Benchmark your Cloud Security Posture

Additional Wiz resources

Cloud Vulnerability DB

Cloud Threat Landscape

PEACH

Ready to see Wiz in action?

CVE-2023-1096: SnapCenter vulnerability analysis and mitigation