PT-2020-8656 · Qnap · Helpdesk

Published

2020-09-11

Updated

2020-09-16

CVE-2018-19947

CVSS v3.1

6.5

Medium

Vector

AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions: Helpdesk versions prior to 3.0.3

Description: The issue is an information exposure vulnerability that could disclose sensitive information if exploited. It is reported to affect earlier versions of Helpdesk. QNAP has fixed the issue in Helpdesk 3.0.3 and later.

Recommendations: For versions prior to 3.0.3, update to Helpdesk 3.0.3 or a later version to resolve the issue.

Fix

Information Disclosure

Generation of Error Message Containing Sensitive Information

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-210CWE-200CWE-209

Related Identifiers

CVE-2018-19947

Affected Products

Helpdesk

PT-2020-8656 · Qnap · Helpdesk

CVE-2018-19947

Weakness Enumeration

Related Identifiers

Affected Products

References · 4