Описание
Improper access control vulnerability in share_link in QSAN Storage Manager allows remote attackers to download arbitrary files using particular parameter in download function. The referred vulnerability has been solved with the updated version of QSAN Storage Manager v3.3.3.
Ссылки
- Third Party Advisory
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 3.3.3 (исключая)
cpe:2.3:a:qsan:storage_manager:*:*:*:*:*:*:*:*
EPSS
Процентиль: 44%
0.00218
Низкий
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-284
NVD-CWE-Other
Связанные уязвимости
CVSS3: 7.5
github
больше 3 лет назад
Improper access control vulnerability in share_link in QSAN Storage Manager allows remote attackers to download arbitrary files using particular parameter in download function.
EPSS
Процентиль: 44%
0.00218
Низкий
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-284
NVD-CWE-Other