Impact
Active IQ OneCollect version 2.7.3 contains hard-coded credentials that enable an authenticated attacker with low privileges to initiate AutoSupport operations that are normally restricted. The flaw is classified as CWE-259 (Use of Hard-coded Password). Based on the description, it is inferred that this could allow the attacker to access diagnostic data or other sensitive information included in AutoSupport reports. The vulnerability does not provide remote code execution or full system compromise; its impact is limited to the permissions of the authenticated account, but it allows those accounts to perform actions they should not be able to perform.
Affected Systems
NetApp Active IQ OneCollect in version 2.7.3 is affected; no other versions are explicitly listed.
Risk and Exploitability
The CVSS score is 5.3, indicating medium severity. The EPSS score is 0.00042 (<1%), indicating a very low exploitation probability. The vulnerability is not listed in the CISA KEV catalog, suggesting it has not been observed in the wild. Exploitation requires authentication; the hard-coded credentials allow an attacker to use the AutoSupport feature and perform privileged operations that the user profile does not normally permit. Based on the description, it is inferred that the likely attack vector involves an attacker logging into the system with a low-privilege account and then issuing command requests to the AutoSupport API.