CVE-2021-44055

An missing authorization vulnerability has been reported to affect QNAP device running Video Station. If exploited, this vulnerability allows remote attackers to access data or perform actions that they should not be allowed to perform. We have already fixed this vulnerability in the following versions of Video Station: Video Station 5.5.9 ( 2022/02/16 ) and later
References
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:qnap:video_station:*:*:*:*:*:*:*:*
cpe:2.3:a:qnap:video_station:*:*:*:*:*:*:*:*
cpe:2.3:a:qnap:video_station:*:*:*:*:*:*:*:*

History

13 May 2022, 20:13

Type Values Removed Values Added
CWE CWE-862
First Time Qnap
Qnap video Station
CPE cpe:2.3:a:qnap:video_station:*:*:*:*:*:*:*:*
CVSS v2 : unknown
v3 : unknown
v2 : 7.5
v3 : 9.8
References (MISC) https://www.qnap.com/en/security-advisory/qsa-22-14 - (MISC) https://www.qnap.com/en/security-advisory/qsa-22-14 - Vendor Advisory

05 May 2022, 17:15

Type Values Removed Values Added
New CVE

Information

Published : 2022-05-05 17:15

Updated : 2022-05-13 20:13


NVD link : CVE-2021-44055

Mitre link : CVE-2021-44055


JSON object : View

Products Affected

qnap

  • video_station
CWE
CWE-862

Missing Authorization