exploitDog

CVE-2017-13068

Опубликовано: 06 окт. 2017

Источник: nvd

CVSS3: 7.5

CVSS2: 5

EPSS Низкий

Описание

QNAP has already patched this vulnerability. This security concern allows a remote attacker to perform an SQL injection on the application and obtain Helpdesk application information. A remote attacker does not require any privileges to successfully execute this attack.

Ссылки

https://www.qnap.com/en/security-advisory/nas-201709-29
Vendor Advisory
https://www.qnap.com/en/security-advisory/nas-201709-29
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:qnap:qts_helpdesk:*:*:*:*:*:*:*:*

Версия до 1.1.12 (включая)

EPSS

Процентиль: 79%

0.01224

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-89

Связанные уязвимости

GHSA-9wh9-2m7m-52vq

CVSS3: 7.5

github

больше 3 лет назад

QNAP has already patched this vulnerability. This security concern allows a remote attacker to perform an SQL injection on the application and obtain Helpdesk application information. A remote attacker does not require any privileges to successfully execute this attack.

EPSS

Процентиль: 79%

0.01224

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-89