Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CERTFR-2023-AVI-0815
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans les produits Qnap. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance et une atteinte à la confidentialité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Qnap | N/A | QVPN Windows 2.1.x versions antérieures à 2.1.0.0518 | ||
| Qnap | QuTS hero | QuTS hero h5.0.x versions antérieures à h5.0.1.2515 build 20230907 | ||
| Qnap | N/A | QuTScloud c5.x versions antérieures à c5.1.0.2498 | ||
| Qnap | QTS | QTS 5.0.x versions antérieures à 5.0.1.2425 build 20230609 | ||
| Qnap | QTS | QTS 4.5.x versions antérieures à 4.5.4.2467 build 20230718 | ||
| Qnap | QuTS hero | QuTS hero h5.1.x versions antérieures à h5.1.0.2424 build 20230609 | ||
| Qnap | QuTS hero | QuTS hero h4.5.x versions antérieures à h4.5.4.2476 build 20230728 | ||
| Qnap | Music Station | Qnap Music Station versions 5.3.x antérieures à 5.3.22 | ||
| Qnap | N/A | QVPN Windows 2.2.x versions antérieures à 2.2.0.0823 | ||
| Qnap | QTS | QTS 5.1.x versions antérieures à 5.1.0.2444 build 20230629 |
References
| Title | Publication Time | Tags | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "QVPN Windows 2.1.x versions ant\u00e9rieures \u00e0 2.1.0.0518",
"product": {
"name": "N/A",
"vendor": {
"name": "Qnap",
"scada": false
}
}
},
{
"description": "QuTS hero h5.0.x versions ant\u00e9rieures \u00e0 h5.0.1.2515 build 20230907",
"product": {
"name": "QuTS hero",
"vendor": {
"name": "Qnap",
"scada": false
}
}
},
{
"description": "QuTScloud c5.x versions ant\u00e9rieures \u00e0 c5.1.0.2498",
"product": {
"name": "N/A",
"vendor": {
"name": "Qnap",
"scada": false
}
}
},
{
"description": "QTS 5.0.x versions ant\u00e9rieures \u00e0 5.0.1.2425 build 20230609",
"product": {
"name": "QTS",
"vendor": {
"name": "Qnap",
"scada": false
}
}
},
{
"description": "QTS 4.5.x versions ant\u00e9rieures \u00e0 4.5.4.2467 build 20230718",
"product": {
"name": "QTS",
"vendor": {
"name": "Qnap",
"scada": false
}
}
},
{
"description": "QuTS hero h5.1.x versions ant\u00e9rieures \u00e0 h5.1.0.2424 build 20230609",
"product": {
"name": "QuTS hero",
"vendor": {
"name": "Qnap",
"scada": false
}
}
},
{
"description": "QuTS hero h4.5.x versions ant\u00e9rieures \u00e0 h4.5.4.2476 build 20230728",
"product": {
"name": "QuTS hero",
"vendor": {
"name": "Qnap",
"scada": false
}
}
},
{
"description": "Qnap Music Station versions 5.3.x ant\u00e9rieures \u00e0 5.3.22",
"product": {
"name": "Music Station",
"vendor": {
"name": "Qnap",
"scada": false
}
}
},
{
"description": "QVPN Windows 2.2.x versions ant\u00e9rieures \u00e0 2.2.0.0823",
"product": {
"name": "N/A",
"vendor": {
"name": "Qnap",
"scada": false
}
}
},
{
"description": "QTS 5.1.x versions ant\u00e9rieures \u00e0 5.1.0.2444 build 20230629",
"product": {
"name": "QTS",
"vendor": {
"name": "Qnap",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2023-20052",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-20052"
},
{
"name": "CVE-2023-32972",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32972"
},
{
"name": "CVE-2023-23366",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23366"
},
{
"name": "CVE-2023-23365",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23365"
},
{
"name": "CVE-2023-23370",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23370"
},
{
"name": "CVE-2023-32971",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32971"
},
{
"name": "CVE-2023-20032",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-20032"
},
{
"name": "CVE-2023-23371",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23371"
}
],
"initial_release_date": "2023-10-09T00:00:00",
"last_revision_date": "2023-10-09T00:00:00",
"links": [],
"reference": "CERTFR-2023-AVI-0815",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2023-10-09T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans \u003cspan\nclass=\"textit\"\u003eles produits Qnap\u003c/span\u003e. Certaines d\u0027entre elles\npermettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire\n\u00e0 distance et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Qnap",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Qnap QSA-23-26 du 07 octobre 2023",
"url": "https://www.qnap.com/fr-fr/security-advisory/qsa-23-26"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Qnap QSA-23-39 du 07 octobre 2023",
"url": "https://www.qnap.com/fr-fr/security-advisory/qsa-23-39"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Qnap QSA-23-36 du 07 octobre 2023",
"url": "https://www.qnap.com/fr-fr/security-advisory/qsa-23-36"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Qnap QSA-23-28 du 07 octobre 2023",
"url": "https://www.qnap.com/fr-fr/security-advisory/qsa-23-28"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Qnap QSA-23-37 du 07 octobre 2023",
"url": "https://www.qnap.com/fr-fr/security-advisory/qsa-23-37"
}
]
}
CVE-2023-23366 (GCVE-0-2023-23366)
Vulnerability from cvelistv5
Published
2023-10-06 16:34
Modified
2024-09-19 15:20
Severity ?
VLAI Severity ?
EPSS score ?
Summary
A path traversal vulnerability has been reported to affect Music Station. If exploited, the vulnerability could allow authenticated users to read the contents of unexpected files and expose sensitive data via a network.
We have already fixed the vulnerability in the following version:
Music Station 5.3.22 and later
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| QNAP Systems Inc. | Music Station |
Version: 5.3.x < 5.3.22 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T10:28:40.626Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.qnap.com/en/security-advisory/qsa-23-28"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-23366",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-19T15:01:22.022541Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-19T15:20:25.517Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Music Station",
"vendor": "QNAP Systems Inc.",
"versions": [
{
"lessThan": "5.3.22",
"status": "affected",
"version": "5.3.x",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Erik de Jong"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A path traversal vulnerability has been reported to affect Music Station. If exploited, the vulnerability could allow authenticated users to read the contents of unexpected files and expose sensitive data via a network.\u003cbr\u003e\u003cbr\u003eWe have already fixed the vulnerability in the following version:\u003cbr\u003eMusic Station 5.3.22 and later\u003cbr\u003e"
}
],
"value": "A path traversal vulnerability has been reported to affect Music Station. If exploited, the vulnerability could allow authenticated users to read the contents of unexpected files and expose sensitive data via a network.\n\nWe have already fixed the vulnerability in the following version:\nMusic Station 5.3.22 and later\n"
}
],
"impacts": [
{
"capecId": "CAPEC-126",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-126"
}
]
},
{
"capecId": "CAPEC-639",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-639"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22",
"lang": "en",
"type": "CWE"
},
{
"cweId": "CWE-552",
"description": "CWE-552",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-06T16:34:01.529Z",
"orgId": "2fd009eb-170a-4625-932b-17a53af1051f",
"shortName": "qnap"
},
"references": [
{
"url": "https://www.qnap.com/en/security-advisory/qsa-23-28"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "We have already fixed the vulnerability in the following version:\u003cbr\u003eMusic Station 5.3.22 and later\u003cbr\u003e"
}
],
"value": "We have already fixed the vulnerability in the following version:\nMusic Station 5.3.22 and later\n"
}
],
"source": {
"advisory": "QSA-23-28",
"discovery": "EXTERNAL"
},
"title": "Music Station",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "2fd009eb-170a-4625-932b-17a53af1051f",
"assignerShortName": "qnap",
"cveId": "CVE-2023-23366",
"datePublished": "2023-10-06T16:34:01.529Z",
"dateReserved": "2023-01-11T20:15:53.086Z",
"dateUpdated": "2024-09-19T15:20:25.517Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-32972 (GCVE-0-2023-32972)
Vulnerability from cvelistv5
Published
2023-10-06 16:36
Modified
2024-09-19 14:40
Severity ?
VLAI Severity ?
EPSS score ?
Summary
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network.
We have already fixed the vulnerability in the following versions:
QTS 5.0.1.2425 build 20230609 and later
QTS 5.1.0.2444 build 20230629 and later
QTS 4.5.4.2467 build 20230718 and later
QuTS hero h5.0.1.2515 build 20230907 and later
QuTS hero h5.1.0.2424 build 20230609 and later
QuTS hero h4.5.4.2476 build 20230728 and later
QuTScloud c5.1.0.2498 and later
References
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| QNAP Systems Inc. | QTS |
Version: 5.0.x < 5.0.1.2425 build 20230609 Version: 5.1.x < 5.1.0.2444 build 20230629 Version: 4.5.x < 4.5.4.2467 build 20230718 |
||||||||||||
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T15:32:46.551Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.qnap.com/en/security-advisory/qsa-23-37"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-32972",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-19T14:17:43.838410Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-19T14:40:09.223Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "QTS",
"vendor": "QNAP Systems Inc.",
"versions": [
{
"lessThan": "5.0.1.2425 build 20230609",
"status": "affected",
"version": "5.0.x",
"versionType": "custom"
},
{
"lessThan": "5.1.0.2444 build 20230629",
"status": "affected",
"version": "5.1.x",
"versionType": "custom"
},
{
"lessThan": "4.5.4.2467 build 20230718",
"status": "affected",
"version": "4.5.x",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "QuTS hero",
"vendor": "QNAP Systems Inc.",
"versions": [
{
"lessThan": "h5.0.1.2515 build 20230907",
"status": "affected",
"version": "h5.0.x",
"versionType": "custom"
},
{
"lessThan": "h5.1.0.2424 build 20230609",
"status": "affected",
"version": "h5.1.x",
"versionType": "custom"
},
{
"lessThan": "h4.5.4.2476 build 20230728",
"status": "affected",
"version": "h4.5.x",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "QuTScloud",
"vendor": "QNAP Systems Inc.",
"versions": [
{
"lessThan": "c5.1.0.2498",
"status": "affected",
"version": "c5.0.x",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Jiaxu Zhao \u0026\u0026 Bingwei Peng"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network.\u003cbr\u003e\u003cbr\u003eWe have already fixed the vulnerability in the following versions:\u003cbr\u003eQTS 5.0.1.2425 build 20230609 and later\u003cbr\u003eQTS 5.1.0.2444 build 20230629 and later\u003cbr\u003eQTS 4.5.4.2467 build 20230718 and later\u003cbr\u003eQuTS hero h5.0.1.2515 build 20230907 and later\u003cbr\u003eQuTS hero h5.1.0.2424 build 20230609 and later\u003cbr\u003eQuTS hero h4.5.4.2476 build 20230728 and later\u003cbr\u003eQuTScloud c5.1.0.2498 and later\u003cbr\u003e"
}
],
"value": "A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network.\n\nWe have already fixed the vulnerability in the following versions:\nQTS 5.0.1.2425 build 20230609 and later\nQTS 5.1.0.2444 build 20230629 and later\nQTS 4.5.4.2467 build 20230718 and later\nQuTS hero h5.0.1.2515 build 20230907 and later\nQuTS hero h5.1.0.2424 build 20230609 and later\nQuTS hero h4.5.4.2476 build 20230728 and later\nQuTScloud c5.1.0.2498 and later\n"
}
],
"impacts": [
{
"capecId": "CAPEC-100",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-100"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.8,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-120",
"description": "CWE-120",
"lang": "en",
"type": "CWE"
},
{
"cweId": "CWE-121",
"description": "CWE-121",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-06T16:36:33.766Z",
"orgId": "2fd009eb-170a-4625-932b-17a53af1051f",
"shortName": "qnap"
},
"references": [
{
"url": "https://www.qnap.com/en/security-advisory/qsa-23-37"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "We have already fixed the vulnerability in the following versions:\u003cbr\u003eQTS 5.0.1.2425 build 20230609 and later\u003cbr\u003eQTS 5.1.0.2444 build 20230629 and later\u003cbr\u003eQTS 4.5.4.2467 build 20230718 and later\u003cbr\u003eQuTS hero h5.0.1.2515 build 20230907 and later\u003cbr\u003eQuTS hero h5.1.0.2424 build 20230609 and later\u003cbr\u003eQuTS hero h4.5.4.2476 build 20230728 and later\u003cbr\u003eQuTScloud c5.1.0.2498 and later\u003cbr\u003e"
}
],
"value": "We have already fixed the vulnerability in the following versions:\nQTS 5.0.1.2425 build 20230609 and later\nQTS 5.1.0.2444 build 20230629 and later\nQTS 4.5.4.2467 build 20230718 and later\nQuTS hero h5.0.1.2515 build 20230907 and later\nQuTS hero h5.1.0.2424 build 20230609 and later\nQuTS hero h4.5.4.2476 build 20230728 and later\nQuTScloud c5.1.0.2498 and later\n"
}
],
"source": {
"advisory": "QSA-23-37",
"discovery": "EXTERNAL"
},
"title": "QTS, QuTS hero, QuTScloud",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "2fd009eb-170a-4625-932b-17a53af1051f",
"assignerShortName": "qnap",
"cveId": "CVE-2023-32972",
"datePublished": "2023-10-06T16:36:33.766Z",
"dateReserved": "2023-05-16T10:44:49.056Z",
"dateUpdated": "2024-09-19T14:40:09.223Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-20032 (GCVE-0-2023-20032)
Vulnerability from cvelistv5
Published
2023-02-16 15:24
Modified
2024-08-02 08:57
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
Summary
On Feb 15, 2023, the following vulnerability in the ClamAV scanning library was disclosed:
A vulnerability in the HFS+ partition file parser of ClamAV versions 1.0.0 and earlier, 0.105.1 and earlier, and 0.103.7 and earlier could allow an unauthenticated, remote attacker to execute arbitrary code.
This vulnerability is due to a missing buffer size check that may result in a heap buffer overflow write. An attacker could exploit this vulnerability by submitting a crafted HFS+ partition file to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to execute arbitrary code with the privileges of the ClamAV scanning process, or else crash the process, resulting in a denial of service (DoS) condition.
For a description of this vulnerability, see the ClamAV blog ["https://blog.clamav.net/"].
References
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Cisco | Cisco Secure Web Appliance |
Version: 11.7.0-406 Version: 11.7.0-418 Version: 11.7.1-049 Version: 11.7.1-006 Version: 11.7.1-020 Version: 11.7.2-011 Version: 11.8.0-414 Version: 11.8.1-023 Version: 11.8.3-018 Version: 11.8.3-021 Version: 12.0.1-268 Version: 12.0.3-007 Version: 12.5.2-007 Version: 12.5.1-011 Version: 12.5.4-005 Version: 12.5.5-004 Version: 14.5.0-498 Version: 14.0.3-014 Version: 14.0.2-012 |
||||||||||||
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T08:57:35.875Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "cisco-sa-clamav-q8DThCy",
"tags": [
"x_transferred"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-clamav-q8DThCy"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Cisco Secure Web Appliance",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "11.7.0-406"
},
{
"status": "affected",
"version": "11.7.0-418"
},
{
"status": "affected",
"version": "11.7.1-049"
},
{
"status": "affected",
"version": "11.7.1-006"
},
{
"status": "affected",
"version": "11.7.1-020"
},
{
"status": "affected",
"version": "11.7.2-011"
},
{
"status": "affected",
"version": "11.8.0-414"
},
{
"status": "affected",
"version": "11.8.1-023"
},
{
"status": "affected",
"version": "11.8.3-018"
},
{
"status": "affected",
"version": "11.8.3-021"
},
{
"status": "affected",
"version": "12.0.1-268"
},
{
"status": "affected",
"version": "12.0.3-007"
},
{
"status": "affected",
"version": "12.5.2-007"
},
{
"status": "affected",
"version": "12.5.1-011"
},
{
"status": "affected",
"version": "12.5.4-005"
},
{
"status": "affected",
"version": "12.5.5-004"
},
{
"status": "affected",
"version": "14.5.0-498"
},
{
"status": "affected",
"version": "14.0.3-014"
},
{
"status": "affected",
"version": "14.0.2-012"
}
]
},
{
"product": "Cisco Secure Endpoint",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "6.1.9"
},
{
"status": "affected",
"version": "6.2.5"
},
{
"status": "affected",
"version": "6.3.7"
},
{
"status": "affected",
"version": "6.3.3"
},
{
"status": "affected",
"version": "7.0.5"
},
{
"status": "affected",
"version": "7.1.1"
},
{
"status": "affected",
"version": "1.12.1"
},
{
"status": "affected",
"version": "1.12.2"
},
{
"status": "affected",
"version": "1.12.3"
},
{
"status": "affected",
"version": "1.12.7"
},
{
"status": "affected",
"version": "1.12.4"
},
{
"status": "affected",
"version": "1.11.0"
},
{
"status": "affected",
"version": "1.10.2"
},
{
"status": "affected",
"version": "1.10.0"
},
{
"status": "affected",
"version": "1.14.0"
},
{
"status": "affected",
"version": "1.6.0"
},
{
"status": "affected",
"version": "1.9.0"
},
{
"status": "affected",
"version": "1.8.1"
},
{
"status": "affected",
"version": "1.8.0"
},
{
"status": "affected",
"version": "1.7.0"
},
{
"status": "affected",
"version": "7.2.13"
},
{
"status": "affected",
"version": "7.3.5"
}
]
},
{
"product": "Cisco Secure Endpoint Private Cloud Administration Portal",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "N/A"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "On Feb 15, 2023, the following vulnerability in the ClamAV scanning library was disclosed:\r\n\r \r A vulnerability in the HFS+ partition file parser of ClamAV versions 1.0.0 and earlier, 0.105.1 and earlier, and 0.103.7 and earlier could allow an unauthenticated, remote attacker to execute arbitrary code.\r\n\r \r This vulnerability is due to a missing buffer size check that may result in a heap buffer overflow write. An attacker could exploit this vulnerability by submitting a crafted HFS+ partition file to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to execute arbitrary code with the privileges of the ClamAV scanning process, or else crash the process, resulting in a denial of service (DoS) condition.\r\n\r For a description of this vulnerability, see the ClamAV blog [\"https://blog.clamav.net/\"]."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is aware that a proof-of-concept is available that demonstrates that this vulnerability can be used to cause a buffer overflow and subsequent process termination.\r\n\r\nAdditional technical information is also available that describes this vulnerability in detail.\r\n\r\nThe Cisco PSIRT is not aware of any malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-120",
"description": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-25T16:57:34.558Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-clamav-q8DThCy",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-clamav-q8DThCy"
}
],
"source": {
"advisory": "cisco-sa-clamav-q8DThCy",
"defects": [
"CSCwd74135",
"CSCwd74134",
"CSCwd74133",
"CSCwe18204",
"CSCwd74132"
],
"discovery": "EXTERNAL"
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2023-20032",
"datePublished": "2023-02-16T15:24:05.173Z",
"dateReserved": "2022-10-27T18:47:50.315Z",
"dateUpdated": "2024-08-02T08:57:35.875Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-32971 (GCVE-0-2023-32971)
Vulnerability from cvelistv5
Published
2023-10-06 16:36
Modified
2024-09-19 14:44
Severity ?
VLAI Severity ?
EPSS score ?
Summary
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network.
We have already fixed the vulnerability in the following versions:
QTS 5.0.1.2425 build 20230609 and later
QTS 5.1.0.2444 build 20230629 and later
QTS 4.5.4.2467 build 20230718 and later
QuTS hero h5.0.1.2515 build 20230907 and later
QuTS hero h5.1.0.2424 build 20230609 and later
QuTS hero h4.5.4.2476 build 20230728 and later
QuTScloud c5.1.0.2498 and later
References
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| QNAP Systems Inc. | QTS |
Version: 5.0.x < 5.0.1.2425 build 20230609 Version: 5.1.x < 5.1.0.2444 build 20230629 Version: 4.5.x < 4.5.4.2467 build 20230718 |
||||||||||||
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T15:32:46.580Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.qnap.com/en/security-advisory/qsa-23-37"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-32971",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-19T14:17:52.786309Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-19T14:44:32.964Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "QTS",
"vendor": "QNAP Systems Inc.",
"versions": [
{
"lessThan": "5.0.1.2425 build 20230609",
"status": "affected",
"version": "5.0.x",
"versionType": "custom"
},
{
"lessThan": "5.1.0.2444 build 20230629",
"status": "affected",
"version": "5.1.x",
"versionType": "custom"
},
{
"lessThan": "4.5.4.2467 build 20230718",
"status": "affected",
"version": "4.5.x",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "QuTS hero",
"vendor": "QNAP Systems Inc.",
"versions": [
{
"lessThan": "h5.0.1.2515 build 20230907",
"status": "affected",
"version": "h5.0.x",
"versionType": "custom"
},
{
"lessThan": "h5.1.0.2424 build 20230609",
"status": "affected",
"version": "h5.1.x",
"versionType": "custom"
},
{
"lessThan": "h4.5.4.2476 build 20230728",
"status": "affected",
"version": "h4.5.x",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "QuTScloud",
"vendor": "QNAP Systems Inc.",
"versions": [
{
"lessThan": "c5.1.0.2498",
"status": "affected",
"version": "c5.0.x",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Jiaxu Zhao \u0026\u0026 Bingwei Peng"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network.\u003cbr\u003e\u003cbr\u003eWe have already fixed the vulnerability in the following versions:\u003cbr\u003eQTS 5.0.1.2425 build 20230609 and later\u003cbr\u003eQTS 5.1.0.2444 build 20230629 and later\u003cbr\u003eQTS 4.5.4.2467 build 20230718 and later\u003cbr\u003eQuTS hero h5.0.1.2515 build 20230907 and later\u003cbr\u003eQuTS hero h5.1.0.2424 build 20230609 and later\u003cbr\u003eQuTS hero h4.5.4.2476 build 20230728 and later\u003cbr\u003eQuTScloud c5.1.0.2498 and later\u003cbr\u003e"
}
],
"value": "A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network.\n\nWe have already fixed the vulnerability in the following versions:\nQTS 5.0.1.2425 build 20230609 and later\nQTS 5.1.0.2444 build 20230629 and later\nQTS 4.5.4.2467 build 20230718 and later\nQuTS hero h5.0.1.2515 build 20230907 and later\nQuTS hero h5.1.0.2424 build 20230609 and later\nQuTS hero h4.5.4.2476 build 20230728 and later\nQuTScloud c5.1.0.2498 and later\n"
}
],
"impacts": [
{
"capecId": "CAPEC-100",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-100"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.8,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-120",
"description": "CWE-120",
"lang": "en",
"type": "CWE"
},
{
"cweId": "CWE-121",
"description": "CWE-121",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-06T16:36:19.114Z",
"orgId": "2fd009eb-170a-4625-932b-17a53af1051f",
"shortName": "qnap"
},
"references": [
{
"url": "https://www.qnap.com/en/security-advisory/qsa-23-37"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "We have already fixed the vulnerability in the following versions:\u003cbr\u003eQTS 5.0.1.2425 build 20230609 and later\u003cbr\u003eQTS 5.1.0.2444 build 20230629 and later\u003cbr\u003eQTS 4.5.4.2467 build 20230718 and later\u003cbr\u003eQuTS hero h5.0.1.2515 build 20230907 and later\u003cbr\u003eQuTS hero h5.1.0.2424 build 20230609 and later\u003cbr\u003eQuTS hero h4.5.4.2476 build 20230728 and later\u003cbr\u003eQuTScloud c5.1.0.2498 and later\u003cbr\u003e"
}
],
"value": "We have already fixed the vulnerability in the following versions:\nQTS 5.0.1.2425 build 20230609 and later\nQTS 5.1.0.2444 build 20230629 and later\nQTS 4.5.4.2467 build 20230718 and later\nQuTS hero h5.0.1.2515 build 20230907 and later\nQuTS hero h5.1.0.2424 build 20230609 and later\nQuTS hero h4.5.4.2476 build 20230728 and later\nQuTScloud c5.1.0.2498 and later\n"
}
],
"source": {
"advisory": "QSA-23-37",
"discovery": "EXTERNAL"
},
"title": "QTS, QuTS hero, QuTScloud",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "2fd009eb-170a-4625-932b-17a53af1051f",
"assignerShortName": "qnap",
"cveId": "CVE-2023-32971",
"datePublished": "2023-10-06T16:36:19.114Z",
"dateReserved": "2023-05-16T10:44:49.056Z",
"dateUpdated": "2024-09-19T14:44:32.964Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-23365 (GCVE-0-2023-23365)
Vulnerability from cvelistv5
Published
2023-10-06 16:33
Modified
2024-09-19 15:20
Severity ?
VLAI Severity ?
EPSS score ?
Summary
A path traversal vulnerability has been reported to affect Music Station. If exploited, the vulnerability could allow authenticated users to read the contents of unexpected files and expose sensitive data via a network.
We have already fixed the vulnerability in the following version:
Music Station 5.3.22 and later
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| QNAP Systems Inc. | Music Station |
Version: 5.3.x < 5.3.22 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T10:28:40.644Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.qnap.com/en/security-advisory/qsa-23-28"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-23365",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-19T15:01:28.199991Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-19T15:20:40.296Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Music Station",
"vendor": "QNAP Systems Inc.",
"versions": [
{
"lessThan": "5.3.22",
"status": "affected",
"version": "5.3.x",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Erik de Jong"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A path traversal vulnerability has been reported to affect Music Station. If exploited, the vulnerability could allow authenticated users to read the contents of unexpected files and expose sensitive data via a network.\u003cbr\u003e\u003cbr\u003eWe have already fixed the vulnerability in the following version:\u003cbr\u003eMusic Station 5.3.22 and later\u003cbr\u003e"
}
],
"value": "A path traversal vulnerability has been reported to affect Music Station. If exploited, the vulnerability could allow authenticated users to read the contents of unexpected files and expose sensitive data via a network.\n\nWe have already fixed the vulnerability in the following version:\nMusic Station 5.3.22 and later\n"
}
],
"impacts": [
{
"capecId": "CAPEC-126",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-126"
}
]
},
{
"capecId": "CAPEC-639",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-639"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22",
"lang": "en",
"type": "CWE"
},
{
"cweId": "CWE-552",
"description": "CWE-552",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-06T16:33:40.264Z",
"orgId": "2fd009eb-170a-4625-932b-17a53af1051f",
"shortName": "qnap"
},
"references": [
{
"url": "https://www.qnap.com/en/security-advisory/qsa-23-28"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "We have already fixed the vulnerability in the following version:\u003cbr\u003eMusic Station 5.3.22 and later\u003cbr\u003e"
}
],
"value": "We have already fixed the vulnerability in the following version:\nMusic Station 5.3.22 and later\n"
}
],
"source": {
"advisory": "QSA-23-28",
"discovery": "EXTERNAL"
},
"title": "Music Station",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "2fd009eb-170a-4625-932b-17a53af1051f",
"assignerShortName": "qnap",
"cveId": "CVE-2023-23365",
"datePublished": "2023-10-06T16:33:40.264Z",
"dateReserved": "2023-01-11T20:15:53.085Z",
"dateUpdated": "2024-09-19T15:20:40.296Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-23371 (GCVE-0-2023-23371)
Vulnerability from cvelistv5
Published
2023-10-06 16:36
Modified
2024-09-19 14:45
Severity ?
VLAI Severity ?
EPSS score ?
Summary
A cleartext transmission of sensitive information vulnerability has been reported to affect QVPN Device Client. If exploited, the vulnerability could allow local authenticated administrators to read sensitive data via unspecified vectors.
We have already fixed the vulnerability in the following version:
QVPN Windows 2.2.0.0823 and later
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| QNAP Systems Inc. | QVPN Windows |
Version: 2.2.x < 2.2.0.0823 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T10:28:40.641Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.qnap.com/en/security-advisory/qsa-23-39"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-23371",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-19T14:24:41.197936Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-19T14:45:34.271Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "QVPN Windows",
"vendor": "QNAP Systems Inc.",
"versions": [
{
"lessThan": "2.2.0.0823",
"status": "affected",
"version": "2.2.x",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Runzi Zhao, Security Researcher, QI-ANXIN"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A cleartext transmission of sensitive information vulnerability has been reported to affect QVPN Device Client. If exploited, the vulnerability could allow local authenticated administrators to read sensitive data via unspecified vectors.\u003cbr\u003e\u003cbr\u003eWe have already fixed the vulnerability in the following version:\u003cbr\u003eQVPN Windows 2.2.0.0823 and later\u003cbr\u003e"
}
],
"value": "A cleartext transmission of sensitive information vulnerability has been reported to affect QVPN Device Client. If exploited, the vulnerability could allow local authenticated administrators to read sensitive data via unspecified vectors.\n\nWe have already fixed the vulnerability in the following version:\nQVPN Windows 2.2.0.0823 and later\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 5.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-311",
"description": "CWE-311",
"lang": "en",
"type": "CWE"
},
{
"cweId": "CWE-319",
"description": "CWE-319",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-06T16:36:01.562Z",
"orgId": "2fd009eb-170a-4625-932b-17a53af1051f",
"shortName": "qnap"
},
"references": [
{
"url": "https://www.qnap.com/en/security-advisory/qsa-23-39"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "We have already fixed the vulnerability in the following version:\u003cbr\u003eQVPN Windows 2.2.0.0823 and later\u003cbr\u003e"
}
],
"value": "We have already fixed the vulnerability in the following version:\nQVPN Windows 2.2.0.0823 and later\n"
}
],
"source": {
"advisory": "QSA-23-39",
"discovery": "EXTERNAL"
},
"title": "QVPN Device Client",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "2fd009eb-170a-4625-932b-17a53af1051f",
"assignerShortName": "qnap",
"cveId": "CVE-2023-23371",
"datePublished": "2023-10-06T16:36:01.562Z",
"dateReserved": "2023-01-11T20:15:53.087Z",
"dateUpdated": "2024-09-19T14:45:34.271Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-23370 (GCVE-0-2023-23370)
Vulnerability from cvelistv5
Published
2023-10-06 16:35
Modified
2024-09-19 14:45
Severity ?
VLAI Severity ?
EPSS score ?
CWE
Summary
An insufficiently protected credentials vulnerability has been reported to affect QVPN Device Client. If exploited, the vulnerability could allow local authenticated administrators to gain access to user accounts and access sensitive data used by the user account via unspecified vectors.
We have already fixed the vulnerability in the following version:
QVPN Windows 2.1.0.0518 and later
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| QNAP Systems Inc. | QVPN Windows |
Version: 2.1.x < 2.1.0.0518 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T10:28:40.814Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.qnap.com/en/security-advisory/qsa-23-36"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-23370",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-19T14:24:52.333805Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-19T14:45:53.657Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "QVPN Windows",
"vendor": "QNAP Systems Inc.",
"versions": [
{
"lessThan": "2.1.0.0518",
"status": "affected",
"version": "2.1.x",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Runzi Zhao, Security Researcher, QI-ANXIN"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An insufficiently protected credentials vulnerability has been reported to affect QVPN Device Client. If exploited, the vulnerability could allow local authenticated administrators to gain access to user accounts and access sensitive data used by the user account via unspecified vectors.\u003cbr\u003e\u003cbr\u003eWe have already fixed the vulnerability in the following version:\u003cbr\u003eQVPN Windows 2.1.0.0518 and later\u003cbr\u003e"
}
],
"value": "An insufficiently protected credentials vulnerability has been reported to affect QVPN Device Client. If exploited, the vulnerability could allow local authenticated administrators to gain access to user accounts and access sensitive data used by the user account via unspecified vectors.\n\nWe have already fixed the vulnerability in the following version:\nQVPN Windows 2.1.0.0518 and later\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-522",
"description": "CWE-522",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-06T16:35:48.415Z",
"orgId": "2fd009eb-170a-4625-932b-17a53af1051f",
"shortName": "qnap"
},
"references": [
{
"url": "https://www.qnap.com/en/security-advisory/qsa-23-36"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "We have already fixed the vulnerability in the following version:\u003cbr\u003eQVPN Windows 2.1.0.0518 and later\u003cbr\u003e"
}
],
"value": "We have already fixed the vulnerability in the following version:\nQVPN Windows 2.1.0.0518 and later\n"
}
],
"source": {
"advisory": "QSA-23-36",
"discovery": "EXTERNAL"
},
"title": "QVPN Device Client",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "2fd009eb-170a-4625-932b-17a53af1051f",
"assignerShortName": "qnap",
"cveId": "CVE-2023-23370",
"datePublished": "2023-10-06T16:35:48.415Z",
"dateReserved": "2023-01-11T20:15:53.086Z",
"dateUpdated": "2024-09-19T14:45:53.657Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-20052 (GCVE-0-2023-20052)
Vulnerability from cvelistv5
Published
2023-02-16 15:26
Modified
2024-08-02 08:57
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-611 - Improper Restriction of XML External Entity Reference
Summary
On Feb 15, 2023, the following vulnerability in the ClamAV scanning library was disclosed:
A vulnerability in the DMG file parser of ClamAV versions 1.0.0 and earlier, 0.105.1 and earlier, and 0.103.7 and earlier could allow an unauthenticated, remote attacker to access sensitive information on an affected device.
This vulnerability is due to enabling XML entity substitution that may result in XML external entity injection. An attacker could exploit this vulnerability by submitting a crafted DMG file to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to leak bytes from any file that may be read by the ClamAV scanning process.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Secure Endpoint |
Version: 6.0.9 Version: 6.0.7 Version: 6.1.5 Version: 6.1.7 Version: 6.1.9 Version: 6.2.1 Version: 6.2.5 Version: 6.2.19 Version: 6.2.9 Version: 6.3.5 Version: 6.3.1 Version: 6.3.7 Version: 6.3.3 Version: 7.0.5 Version: 7.1.1 Version: 7.1.5 Version: 1.12.1 Version: 1.12.2 Version: 1.12.5 Version: 1.12.0 Version: 1.12.6 Version: 1.12.3 Version: 1.12.7 Version: 1.12.4 Version: 1.13.0 Version: 1.13.1 Version: 1.13.2 Version: 1.11.0 Version: 1.10.2 Version: 1.10.1 Version: 1.10.0 Version: 1.14.0 Version: 1.6.0 Version: 1.9.0 Version: 1.9.1 Version: 1.8.1 Version: 1.8.0 Version: 1.8.4 Version: 1.7.0 Version: 7.2.13 Version: 7.2.7 Version: 7.2.3 Version: 7.2.11 Version: 7.2.5 Version: 7.3.3 Version: 7.3.5 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T08:57:35.615Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "cisco-sa-clamav-xxe-TcSZduhN",
"tags": [
"x_transferred"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-clamav-xxe-TcSZduhN"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Cisco Secure Endpoint",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "6.0.9"
},
{
"status": "affected",
"version": "6.0.7"
},
{
"status": "affected",
"version": "6.1.5"
},
{
"status": "affected",
"version": "6.1.7"
},
{
"status": "affected",
"version": "6.1.9"
},
{
"status": "affected",
"version": "6.2.1"
},
{
"status": "affected",
"version": "6.2.5"
},
{
"status": "affected",
"version": "6.2.19"
},
{
"status": "affected",
"version": "6.2.9"
},
{
"status": "affected",
"version": "6.3.5"
},
{
"status": "affected",
"version": "6.3.1"
},
{
"status": "affected",
"version": "6.3.7"
},
{
"status": "affected",
"version": "6.3.3"
},
{
"status": "affected",
"version": "7.0.5"
},
{
"status": "affected",
"version": "7.1.1"
},
{
"status": "affected",
"version": "7.1.5"
},
{
"status": "affected",
"version": "1.12.1"
},
{
"status": "affected",
"version": "1.12.2"
},
{
"status": "affected",
"version": "1.12.5"
},
{
"status": "affected",
"version": "1.12.0"
},
{
"status": "affected",
"version": "1.12.6"
},
{
"status": "affected",
"version": "1.12.3"
},
{
"status": "affected",
"version": "1.12.7"
},
{
"status": "affected",
"version": "1.12.4"
},
{
"status": "affected",
"version": "1.13.0"
},
{
"status": "affected",
"version": "1.13.1"
},
{
"status": "affected",
"version": "1.13.2"
},
{
"status": "affected",
"version": "1.11.0"
},
{
"status": "affected",
"version": "1.10.2"
},
{
"status": "affected",
"version": "1.10.1"
},
{
"status": "affected",
"version": "1.10.0"
},
{
"status": "affected",
"version": "1.14.0"
},
{
"status": "affected",
"version": "1.6.0"
},
{
"status": "affected",
"version": "1.9.0"
},
{
"status": "affected",
"version": "1.9.1"
},
{
"status": "affected",
"version": "1.8.1"
},
{
"status": "affected",
"version": "1.8.0"
},
{
"status": "affected",
"version": "1.8.4"
},
{
"status": "affected",
"version": "1.7.0"
},
{
"status": "affected",
"version": "7.2.13"
},
{
"status": "affected",
"version": "7.2.7"
},
{
"status": "affected",
"version": "7.2.3"
},
{
"status": "affected",
"version": "7.2.11"
},
{
"status": "affected",
"version": "7.2.5"
},
{
"status": "affected",
"version": "7.3.3"
},
{
"status": "affected",
"version": "7.3.5"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "On Feb 15, 2023, the following vulnerability in the ClamAV scanning library was disclosed:\r\n\r \r A vulnerability in the DMG file parser of ClamAV versions 1.0.0 and earlier, 0.105.1 and earlier, and 0.103.7 and earlier could allow an unauthenticated, remote attacker to access sensitive information on an affected device.\r\n\r \r This vulnerability is due to enabling XML entity substitution that may result in XML external entity injection. An attacker could exploit this vulnerability by submitting a crafted DMG file to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to leak bytes from any file that may be read by the ClamAV scanning process."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-611",
"description": "Improper Restriction of XML External Entity Reference",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-25T16:57:38.974Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-clamav-xxe-TcSZduhN",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-clamav-xxe-TcSZduhN"
}
],
"source": {
"advisory": "cisco-sa-clamav-xxe-TcSZduhN",
"defects": [
"CSCwd87111",
"CSCwd87112",
"CSCwd87113"
],
"discovery": "EXTERNAL"
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2023-20052",
"datePublished": "2023-02-16T15:26:12.863Z",
"dateReserved": "2022-10-27T18:47:50.319Z",
"dateUpdated": "2024-08-02T08:57:35.615Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…