Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Improper Authentication in Kazoo Server
Vulnerability Description
An improper authentication vulnerability has been reported to affect QNAP NAS running Kazoo Server. If exploited, this vulnerability allows attackers to compromise the security of the system. We have already fixed this vulnerability in the following versions of Kazoo Server: Kazoo Server 4.11.22 and later
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
Vulnerability Type
认证机制不恰当
Vulnerability Title
Kazoo Server 授权问题漏洞
Vulnerability Description
Qnap Kazoo Server是中国威联通科技(Qnap)公司的一款服务器。 Kazoo Server 中存在授权问题漏洞,该漏洞源于产品上运行的Qnap Nas 未对用户身份做有效验证。攻击者可通过该漏洞破坏系统的安全性。以下产品及版本受到影响:Kazoo Server 4.11.22 之前版本。
CVSS Information
N/A
Vulnerability Type
N/A