CVE-2023-39298

216.73.217.22

· Published 06/09/2024 17:15 · Modified 20/09/2024 16:39

Labels: CVE-2023-39298 2024-09-06 CVE-2023-39298 CWE-862 [email protected]

Essential information

Published: 06/09/2024 17:15
Modified: 20/09/2024 16:39
Author: —
Creator: —
CVSS: 7.8 HIGH (v3.1)
CISA KEV: No
CWE: —
CVSS vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CVSS metrics

Description

A missing authorization vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow local authenticated users to access data or perform actions that they should not be allowed to perform via unspecified vectors. QuTScloud, is not affected. We have already fixed the vulnerability in the following versions: QTS 5.2.0.2737 build 20240417 and later QuTS hero h5.2.0.2782 build 20240601 and later

NVD status

Status: Analyzed — CVE has been recently published to the CVE List and has been received by the NVD.
Source: [email protected]
NVD: View on NVD

Affected products (CPE)

Product	CPE
qnap / qts	`cpe:2.3:o:qnap:qts:5.1.0.2348:build_20230325::::::`
qnap / qts	`cpe:2.3:o:qnap:qts:5.1.0.2399:build_20230515::::::`
qnap / qts	`cpe:2.3:o:qnap:qts:5.1.0.2418:build_20230603::::::`
qnap / qts	`cpe:2.3:o:qnap:qts:5.1.0.2444:build_20230629::::::`
qnap / qts	`cpe:2.3:o:qnap:qts:5.1.0.2466:build_20230721::::::`
qnap / qts	`cpe:2.3:o:qnap:qts:5.1.1.2491:build_20230815::::::`
qnap / qts	`cpe:2.3:o:qnap:qts:5.1.2.2533:build_20230926::::::`
qnap / qts	`cpe:2.3:o:qnap:qts:5.1.3.2578:build_20231110::::::`
qnap / qts	`cpe:2.3:o:qnap:qts:5.1.4.2596:build_20231128::::::`
qnap / qts	`cpe:2.3:o:qnap:qts:5.1.5.2645:build_20240116::::::`
qnap / qts	`cpe:2.3:o:qnap:qts:5.1.5.2679:build_20240219::::::`
qnap / qts	`cpe:2.3:o:qnap:qts:5.1.6.2722:build_20240402::::::`
qnap / qts	`cpe:2.3:o:qnap:qts:5.1.7.2770:build_20240520::::::`
qnap / qts	`cpe:2.3:o:qnap:qts:5.1.8.2823:build_20240712::::::`
qnap / qts	`cpe:2.3:o:qnap:qts:5.2.0.2737:build_20240417::::::`
qnap / qts	`cpe:2.3:o:qnap:qts:5.2.0.2744:build_20240424::::::`
qnap / quts hero	`cpe:2.3:o:qnap:quts_hero:h5.1.0.2409:build_20230525::::::`
qnap / quts hero	`cpe:2.3:o:qnap:quts_hero:h5.1.0.2424:build_20230609::::::`
qnap / quts hero	`cpe:2.3:o:qnap:quts_hero:h5.1.0.2453:build_20230708::::::`
qnap / quts hero	`cpe:2.3:o:qnap:quts_hero:h5.1.0.2466:build_20230721::::::`
qnap / quts hero	`cpe:2.3:o:qnap:quts_hero:h5.1.1.2488:build_20230812::::::`
qnap / quts hero	`cpe:2.3:o:qnap:quts_hero:h5.1.2.2534:build_20230927::::::`
qnap / quts hero	`cpe:2.3:o:qnap:quts_hero:h5.1.3.2578:build_20231110::::::`
qnap / quts hero	`cpe:2.3:o:qnap:quts_hero:h5.1.4.2596:build_20231128::::::`
qnap / quts hero	`cpe:2.3:o:qnap:quts_hero:h5.1.5.2647:build_20240118::::::`
qnap / quts hero	`cpe:2.3:o:qnap:quts_hero:h5.1.5.2680:build_20240220::::::`
qnap / quts hero	`cpe:2.3:o:qnap:quts_hero:h5.1.6.2734:build_20240414::::::`
qnap / quts hero	`cpe:2.3:o:qnap:quts_hero:h5.1.7.2770:build_20240520::::::`
qnap / quts hero	`cpe:2.3:o:qnap:quts_hero:h5.1.7.2788:build_20240607::::::`
qnap / quts hero	`cpe:2.3:o:qnap:quts_hero:h5.1.7.2794:build_20240613::::::`
qnap / quts hero	`cpe:2.3:o:qnap:quts_hero:h5.1.8.2823:build_20240712::::::`
qnap / quts hero	`cpe:2.3:o:qnap:quts_hero:h5.2.0.2737:build_20240417::::::`