An improper authentication vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to compromise the security of the system via a network.
We have already fixed the vulnerability in the following versions:
QTS 5.1.3.2578 build 20231110 and later
QTS 4.5.4.2627 build 20231225 and later
QuTS hero h5.1.3.2578 build 20231110 and later
QuTS hero h4.5.4.2626 build 20231225 and later
QuTScloud c5.1.5.2651 and later
References
Link | Resource |
---|---|
https://www.qnap.com/en/security-advisory/qsa-24-09 | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
13 Mar 2024, 14:25
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
|
References | () https://www.qnap.com/en/security-advisory/qsa-24-09 - Vendor Advisory | |
CPE | cpe:2.3:o:qnap:quts_hero:h5.1.3.2578:-:*:*:*:*:*:* cpe:2.3:o:qnap:qts:*:*:*:*:*:*:*:* cpe:2.3:o:qnap:quts_hero:h4.5.4.2626:-:*:*:*:*:*:* cpe:2.3:o:qnap:qts:5.1.3.2578:-:*:*:*:*:*:* cpe:2.3:o:qnap:quts_hero:*:*:*:*:*:*:*:* cpe:2.3:o:qnap:qts:4.5.4.2627:-:*:*:*:*:*:* cpe:2.3:o:qnap:qutscloud:*:*:*:*:*:*:*:* |
|
First Time |
Qnap qutscloud
Qnap Qnap qts Qnap quts Hero |
08 Mar 2024, 17:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-03-08 17:15
Updated : 2024-03-13 14:25
NVD link : CVE-2024-21899
Mitre link : CVE-2024-21899
CVE.ORG link : CVE-2024-21899
JSON object : View
Products Affected
qnap
- qutscloud
- qts
- quts_hero
CWE
CWE-287
Improper Authentication