Authentication flaw

2024-02-0216:15:00

PRIOn knowledge base

www.prio-n.com

improper authentication

qnap os

security compromise

network exploitation

vulnerability fix

7.3 High

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

39.1%

JSON

An improper authentication vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to compromise the security of the system via a network.

We have already fixed the vulnerability in the following versions:
QTS 5.1.3.2578 build 20231110 and later
QuTS hero h5.1.3.2578 build 20231110 and later
QuTScloud c5.1.5.2651 and later

CPENameOperatorVersion
qtseq5.1.0.2348 build-20230325
qtseq5.1.0.2418 build-20230603
qtseq5.1.0.2399 build-20230515
qtseq5.1.0.2466 build-20230721
qtseq5.1.1.2491 build-20230815
qtseq5.1.0.2444 build-20230629
qtseq5.1.2.2533 build-20230926
qtseq5.1.3.2578
quts_heroeqh5.1.0.2409 build-20230525
quts_heroeqh5.1.1.2488 build-20230812

Name	Operator	Version
qts	eq	5.1.0.2348 build-20230325
qts	eq	5.1.0.2418 build-20230603
qts	eq	5.1.0.2399 build-20230515
qts	eq	5.1.0.2466 build-20230721
qts	eq	5.1.1.2491 build-20230815
qts	eq	5.1.0.2444 build-20230629
qts	eq	5.1.2.2533 build-20230926
qts	eq	5.1.3.2578
quts_hero	eq	h5.1.0.2409 build-20230525
quts_hero	eq	h5.1.1.2488 build-20230812