Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
QTS, QuTS hero and QuTScloud
Vulnerability Description
A cleartext transmission of sensitive information vulnerability has been reported to affect QNAP operating systems. If exploited, the vulnerability possibly allows local network clients to read the contents of unexpected sensitive data via unspecified vectors. We have already fixed the vulnerability in the following versions: QTS 5.0.1.2425 build 20230609 and later QTS 5.1.0.2444 build 20230629 and later QuTS hero h5.1.0.2424 build 20230609 and later
CVSS Information
CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
Vulnerability Type
敏感数据的明文传输
Vulnerability Title
QNAP Systems QTS 和 QuTS hero 安全漏洞
Vulnerability Description
QNAP Systems QTS和QNAP Systems QuTS hero都是中国威联通科技(QNAP Systems)公司的产品。QNAP Systems QTS是一个入门到中阶QNAP NAS 使用的操作系统。QNAP Systems QuTS hero是一个操作系统。 QNAP QTS和QuTS hero存在安全漏洞,该漏洞源于存在敏感信息明文传输问题。攻击者可利用该漏洞过未指定的向量读取敏感数据。受影响的产品和版本:QTS 5.1.0版本,5.0.1版本;QuTS hero h5.1.0版本。
CVSS Information
N/A
Vulnerability Type
N/A