Lucene search

[email protected]CVE-2023-50359

HistoryFeb 02, 2024 - 4:15 p.m.

CVE-2023-50359

2024-02-0216:15:53

CWE-252

[email protected]

web.nvd.nist.gov

cve-2023-50359

qnap

vulnerability

qts

quts

security

nvd

patch

6.7 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

6.4 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON

An unchecked return value vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow local authenticated administrators to place the system in a state that could lead to a crash or other unintended behaviors via unspecified vectors.

We have already fixed the vulnerability in the following versions:
QTS 5.1.5.2645 build 20240116 and later
QuTS hero h5.1.5.2647 build 20240118 and later

Affected configurations

NVD

Node

qnapqtsMatch5.1.0.2348build_20230325

qnapqtsMatch5.1.0.2399build_20230515

qnapqtsMatch5.1.0.2418build_20230603

qnapqtsMatch5.1.0.2444build_20230629

qnapqtsMatch5.1.0.2466build_20230721

qnapqtsMatch5.1.1.2491build_20230815

qnapqtsMatch5.1.2.2533build_20230926

qnapqtsMatch5.1.3.2578build_20231110

qnapqtsMatch5.1.4.2596build_20231128

qnapqtsMatch5.1.5.2645-

qnapquts_heroMatchh5.1.0.2409build_20230525

qnapquts_heroMatchh5.1.0.2424build_20230609

qnapquts_heroMatchh5.1.0.2453build_20230708

qnapquts_heroMatchh5.1.0.2466build_20230721

qnapquts_heroMatchh5.1.1.2488build_20230812

qnapquts_heroMatchh5.1.2.2534build_20230927

qnapquts_heroMatchh5.1.3.2578build_20231110

qnapquts_heroMatchh5.1.4.2596build_20231128

qnapquts_heroMatchh5.1.5.2647-

qnapqutscloudMatchc5.1.0.2498build_20230822

CPENameOperatorVersion
qnap:qtsqnap qtseq5.1.0.2348
qnap:qtsqnap qtseq5.1.0.2399
qnap:qtsqnap qtseq5.1.0.2418
qnap:qtsqnap qtseq5.1.0.2444
qnap:qtsqnap qtseq5.1.0.2466
qnap:qtsqnap qtseq5.1.1.2491
qnap:qtsqnap qtseq5.1.2.2533
qnap:qtsqnap qtseq5.1.3.2578
qnap:qtsqnap qtseq5.1.4.2596
qnap:qtsqnap qtseq5.1.5.2645

CPE	Name	Operator	Version
qnap:qts	qnap qts	eq	5.1.0.2348
qnap:qts	qnap qts	eq	5.1.0.2399
qnap:qts	qnap qts	eq	5.1.0.2418
qnap:qts	qnap qts	eq	5.1.0.2444
qnap:qts	qnap qts	eq	5.1.0.2466
qnap:qts	qnap qts	eq	5.1.1.2491
qnap:qts	qnap qts	eq	5.1.2.2533
qnap:qts	qnap qts	eq	5.1.3.2578
qnap:qts	qnap qts	eq	5.1.4.2596
qnap:qts	qnap qts	eq	5.1.5.2645

Rows per page:

1-10 of 201

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "QTS",
    "vendor": "QNAP Systems Inc.",
    "versions": [
      {
        "lessThan": "5.1.5.2645 build 20240116",
        "status": "affected",
        "version": "5.1.x",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "QuTS hero",
    "vendor": "QNAP Systems Inc.",
    "versions": [
      {
        "lessThan": "h5.1.5.2647 build 20240118",
        "status": "affected",
        "version": "h5.1.x",
        "versionType": "custom"
      }
    ]
  }
]