ID |
CVE-2024-21903
|
Sažetak |
An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute commands via a network.
We have already fixed the vulnerability in the following versions:
QTS 5.1.6.2722 build 20240402 and later
QuTS hero h5.1.6.2734 build 20240414 and later |
Reference |
|
CVSS |
Base: | 4.7 |
Impact: | 3.4 |
Exploitability: | 1.2 |
|
Pristup |
Vektor | Složenost | Autentikacija |
NETWORK |
LOW |
HIGH |
|
Impact |
Povjerljivost | Cjelovitost | Dostupnost |
LOW |
LOW |
LOW |
|
CVSS vektor |
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L |
Zadnje važnije ažuriranje |
11-09-2024 - 13:36 |
Objavljeno |
06-09-2024 - 17:15 |