CVE-2023-47221

Опубликовано: 08 мар. 2024

Источник: nvd

CVSS3: 5.5

CVSS3: 4.9

EPSS Низкий

Описание

We have already fixed the vulnerability in the following version: Photo Station 6.4.2 ( 2023/12/15 ) and later

Ссылки

https://www.qnap.com/en/security-advisory/qsa-24-13
Vendor Advisory
https://www.qnap.com/en/security-advisory/qsa-24-13
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:qnap:photo_station:*:*:*:*:*:*:*:*

Версия от 6.4.0 (включая) до 6.4.2 (исключая)

EPSS

Процентиль: 14%

0.00046

Низкий

5.5 Medium

CVSS3

4.9 Medium

CVSS3

Дефекты

CWE-22

Связанные уязвимости

GHSA-2v7w-v8fj-mf99

CVSS3: 5.5

github

почти 2 года назад

A path traversal vulnerability has been reported to affect Photo Station. If exploited, the vulnerability could allow authenticated administrators to read the contents of unexpected files and expose sensitive data via a network. We have already fixed the vulnerability in the following version: Photo Station 6.4.2 ( 2023/12/15 ) and later

EPSS

Процентиль: 14%

0.00046

Низкий

5.5 Medium

CVSS3

4.9 Medium

CVSS3

Дефекты

CWE-22