CVE-2023-45037

CVSS v2.0

8.3

High

Vector

AV:N/AC:L/Au:M/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions QTS versions prior to 5.1.3.2578 build 20231110 QuTS hero versions prior to h5.1.3.2578 build 20231110 QuTScloud versions prior to c5.1.5.2651

Description The issue is related to a buffer copy without checking the size of input data, which could allow a remote attacker to execute arbitrary code. If exploited, the vulnerability could allow authenticated administrators to execute code via a network.

Recommendations For QTS versions prior to 5.1.3.2578 build 20231110, update to version 5.1.3.2578 build 20231110 or later. For QuTS hero versions prior to h5.1.3.2578 build 20231110, update to version h5.1.3.2578 build 20231110 or later. For QuTScloud versions prior to c5.1.5.2651, update to version c5.1.5.2651 or later.

Fix

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-120

Related Identifiers

BDU:2024-01298

CVE-2023-45037

Affected Products

Qts

Quts Hero

Qutscloud

CVE-2023-45037

Weakness Enumeration

Related Identifiers

Affected Products

References · 6