PT-2023-8505 · Qnap · Qutscloud+2

Rekter0

Published

2023-07-27

Updated

2024-02-06

CVE-2023-39303

CVSS v2.0

Critical

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions QTS versions prior to 5.1.3.2578 build 20231110 QuTS hero versions prior to h5.1.3.2578 build 20231110 QuTScloud versions prior to c5.1.5.2651

Description The issue is related to improper authentication procedures in QNAP operating systems, which could allow a remote attacker to compromise the target system.

Recommendations For QTS versions prior to 5.1.3.2578 build 20231110, update to version 5.1.3.2578 build 20231110 or later. For QuTS hero versions prior to h5.1.3.2578 build 20231110, update to version h5.1.3.2578 build 20231110 or later. For QuTScloud versions prior to c5.1.5.2651, update to version c5.1.5.2651 or later.

Fix

Improper Authentication

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-287

Related Identifiers

BDU:2024-01043

CVE-2023-39303

Affected Products

Qts

Quts Hero

Qutscloud

PT-2023-8505 · Qnap · Qutscloud+2

CVE-2023-39303

Weakness Enumeration

Related Identifiers

Affected Products

References · 7