PT-2023-4592 · Qnap · Qnap Quts Hero H5.1.0+1
Domen Puncer Kugler
·
Published
2023-08-24
·
Updated
2023-08-31
·
CVE-2023-34973
CVSS v3.1
5.3
Medium
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
QNAP QTS versions prior to 5.0.1.2425 build 20230609
QNAP QTS versions prior to 5.1.0.2444 build 20230629
QNAP QuTS hero h5.1.0 versions prior to 2424 build 20230609
Description
An insufficient entropy issue affects QNAP operating systems, potentially allowing remote users to predict secrets via unspecified vectors. This could enable unauthorized access to confidential data.
Recommendations
For QNAP QTS versions prior to 5.0.1.2425 build 20230609, update to QTS 5.0.1.2425 build 20230609 or later.
For QNAP QTS versions prior to 5.1.0.2444 build 20230629, update to QTS 5.1.0.2444 build 20230629 or later.
For QNAP QuTS hero h5.1.0 versions prior to 2424 build 20230609, update to QuTS hero h5.1.0.2424 build 20230609 or later.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Qnap Qts
Qnap Quts Hero H5.1.0