github - ghsa-h99w-73g9-4qjx

ghsa-h99w-73g9-4qjx

Vulnerability from github

Published

2022-05-13 01:48

Modified

2022-05-13 01:48

Severity ?

8.8 (High) - CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

Exposure of Private Information in QNAP Q'center Virtual Appliance version 1.7.1063 and earlier could allow authenticated users to access sensitive information.

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2018-0706"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2018-07-17T01:29:00Z",
    "severity": "HIGH"
  },
  "details": "Exposure of Private Information in QNAP Q\u0027center Virtual Appliance version 1.7.1063 and earlier could allow authenticated users to access sensitive information.",
  "id": "GHSA-h99w-73g9-4qjx",
  "modified": "2022-05-13T01:48:19Z",
  "published": "2022-05-13T01:48:19Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-0706"
    },
    {
      "type": "WEB",
      "url": "https://www.coresecurity.com/advisories/qnap-qcenter-virtual-appliance-multiple-vulnerabilities"
    },
    {
      "type": "WEB",
      "url": "https://www.exploit-db.com/exploits/45015"
    },
    {
      "type": "WEB",
      "url": "https://www.exploit-db.com/exploits/45043"
    },
    {
      "type": "WEB",
      "url": "https://www.qnap.com/zh-tw/security-advisory/nas-201807-10"
    },
    {
      "type": "WEB",
      "url": "https://www.securityfocus.com/archive/1/542141/100/0/threaded"
    },
    {
      "type": "WEB",
      "url": "http://packetstormsecurity.com/files/148515/QNAP-Qcenter-Virtual-Appliance-1.6.x-Information-Disclosure-Command-Injection.html"
    },
    {
      "type": "WEB",
      "url": "http://seclists.org/fulldisclosure/2018/Jul/45"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

CVE-2018-0706 (GCVE-0-2018-0706)

Vulnerability from cvelistv5

Published

2018-07-16 15:00

Modified

2024-09-17 02:20

Severity ?

CWE

Exposure of Private Information

Summary

Exposure of Private Information in QNAP Q'center Virtual Appliance version 1.7.1063 and earlier could allow authenticated users to access sensitive information.

References

URL

Tags

	https://www.exploit-db.com/exploits/45015/	exploit, x_refsource_EXPLOIT-DB
	https://www.coresecurity.com/advisories/qnap-qcenter-virtual-appliance-multiple-vulnerabilities	x_refsource_MISC
	http://seclists.org/fulldisclosure/2018/Jul/45	mailing-list, x_refsource_FULLDISC
	http://packetstormsecurity.com/files/148515/QNAP-Qcenter-Virtual-Appliance-1.6.x-Information-Disclosure-Command-Injection.html	x_refsource_MISC
	https://www.exploit-db.com/exploits/45043/	exploit, x_refsource_EXPLOIT-DB
	https://www.qnap.com/zh-tw/security-advisory/nas-201807-10	x_refsource_CONFIRM
	https://www.securityfocus.com/archive/1/542141/100/0/threaded	mailing-list, x_refsource_BUGTRAQ

Impacted products

	Vendor	Product	Version
	QNAP	Q'center Virtual Appliance	Version: 1.7.1063 and earlier

Show details on NVD website