exploitDog

CVE-2021-28810

Опубликовано: 08 июн. 2021

Источник: nvd

CVSS3: 7.5

CVSS2: 5

EPSS Низкий

Описание

If exploited, this vulnerability allows an attacker to access resources which are not otherwise accessible without proper authentication. Roon Labs has already fixed this vulnerability in the following versions: Roon Server 2021-05-18 and later

Ссылки

https://www.qnap.com/zh-tw/security-advisory/qsa-21-17
Vendor Advisory
https://www.qnap.com/zh-tw/security-advisory/qsa-21-17
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:qnap:roon_server:*:*:*:*:*:*:*:*

Версия до 2021-05-18 (исключая)

EPSS

Процентиль: 48%

0.00251

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-290

Связанные уязвимости

GHSA-9f4w-c8mj-53r3

github

больше 3 лет назад

If exploited, this vulnerability allows an attacker to access resources which are not otherwise accessible without proper authentication. Roon Labs has already fixed this vulnerability in the following versions: Roon Server 2021-05-18 and later

EPSS

Процентиль: 48%

0.00251

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-290