exploitDog

CVE-2021-38686

Опубликовано: 26 нояб. 2021

Источник: nvd

CVSS3: 8.8

CVSS2: 6.8

EPSS Низкий

Описание

An improper authentication vulnerability has been reported to affect QNAP device, VioStor. If exploited, this vulnerability allows attackers to compromise the security of the system. We have already fixed this vulnerability in the following versions of QVR: QVR FW 5.1.6 build 20211109 and later

Ссылки

https://www.qnap.com/en/security-advisory/qsa-21-52
Vendor Advisory
https://www.qnap.com/en/security-advisory/qsa-21-52
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:qnap:qvr:*:*:*:*:*:*:*:*

Версия до 5.1.6 (исключая)

EPSS

Процентиль: 51%

0.0028

Низкий

8.8 High

CVSS3

6.8 Medium

CVSS2

Дефекты

CWE-287

Связанные уязвимости

GHSA-8qv9-29c6-9v3g

github

больше 3 лет назад

An improper authentication vulnerability has been reported to affect QNAP device, VioStor. If exploited, this vulnerability allows attackers to compromise the security of the system. We have already fixed this vulnerability in the following versions of QVR: QVR FW 5.1.6 build 20211109 and later

EPSS

Процентиль: 51%

0.0028

Низкий

8.8 High

CVSS3

6.8 Medium

CVSS2

Дефекты

CWE-287