CVE-2020-2498

Name of the Vulnerable Software and Affected Versions QTS versions prior to 4.5.1.1456 build 20201015 QuTS hero versions prior to h4.5.1.1472 build 20201031 QTS versions prior to 4.4.3.1354 build 20200702 QTS versions prior to 4.3.6.1333 build 20200608 QTS versions prior to 4.3.4.1368 build 20200703 QTS versions prior to 4.3.3.1315 build 20200611 QTS versions prior to 4.2.6 build 20200611

Description This cross-site scripting issue could allow remote attackers to inject malicious code in certificate configuration.

Recommendations For QTS versions prior to 4.5.1.1456 build 20201015, update to QTS 4.5.1.1456 build 20201015 or later. For QuTS hero versions prior to h4.5.1.1472 build 20201031, update to QuTS hero h4.5.1.1472 build 20201031 or later. For QTS versions prior to 4.4.3.1354 build 20200702, update to QTS 4.4.3.1354 build 20200702 or later. For QTS versions prior to 4.3.6.1333 build 20200608, update to QTS 4.3.6.1333 build 20200608 or later. For QTS versions prior to 4.3.4.1368 build 20200703, update to QTS 4.3.4.1368 build 20200703 or later. For QTS versions prior to 4.3.3.1315 build 20200611, update to QTS 4.3.3.1315 build 20200611 or later. For QTS versions prior to 4.2.6 build 20200611, update to QTS 4.2.6 build 20200611 or later.