CVE-2023-32971

🗓️ 06 Oct 2023 16:36:19Reported by qnapType

CVE-2023-32971: Buffer copy vulnerability in QNAP O

Reporter	Title	Published	Views	Family All 14
Circl	CVE-2023-32971	6 Oct 202320:13	–	circl
CNNVD	QNAP Buffer Error Vulnerability in Multiple Products	6 Oct 202300:00	–	cnnvd
Cvelist	CVE-2023-32971 QTS, QuTS hero, QuTScloud	6 Oct 202316:36	–	cvelist
EUVD	EUVD-2023-37192	3 Oct 202520:07	–	euvd
NVD	CVE-2023-32971	6 Oct 202317:15	–	nvd
OpenVAS	QNAP QTS Multiple Vulnerabilities (QSA-23-37)	9 Oct 202300:00	–	openvas
OpenVAS	QNAP QuTS hero Multiple Vulnerabilities (QSA-23-37)	9 Oct 202300:00	–	openvas
OpenVAS	QNAP QuTScloud Multiple Vulnerabilities (QSA-23-37)	9 Oct 202300:00	–	openvas
Prion	Input validation	6 Oct 202317:15	–	prion
Positive Technologies	PT-2023-8834 · Qnap · Qts +2	6 Oct 202300:00	–	ptsecurity

NVD

Node

qnap qtsRange4.5.0–4.5.4.2467

qnap qtsRange5.0.0–5.0.1.2425

qnap qtsRange5.1.0–5.1.0.2444

qnap quts_heroRangeh4.5.0–h4.5.4.2476

qnap quts_heroRangeh5.0.0–h5.0.1.2515

qnap quts_heroRangeh5.1.0–h5.1.0.2424

qnap qutscloudRangec5.0.1–c5.1.0.2498

[
  {
    "defaultStatus": "unaffected",
    "product": "QTS",
    "vendor": "QNAP Systems Inc.",
    "versions": [
      {
        "lessThan": "5.0.1.2425 build 20230609",
        "status": "affected",
        "version": "5.0.x",
        "versionType": "custom"
      },
      {
        "lessThan": "5.1.0.2444 build 20230629",
        "status": "affected",
        "version": "5.1.x",
        "versionType": "custom"
      },
      {
        "lessThan": "4.5.4.2467 build 20230718",
        "status": "affected",
        "version": "4.5.x",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "QuTS hero",
    "vendor": "QNAP Systems Inc.",
    "versions": [
      {
        "lessThan": "h5.0.1.2515 build 20230907",
        "status": "affected",
        "version": "h5.0.x",
        "versionType": "custom"
      },
      {
        "lessThan": "h5.1.0.2424 build 20230609",
        "status": "affected",
        "version": "h5.1.x",
        "versionType": "custom"
      },
      {
        "lessThan": "h4.5.4.2476 build 20230728",
        "status": "affected",
        "version": "h4.5.x",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "QuTScloud",
    "vendor": "QNAP Systems Inc.",
    "versions": [
      {
        "lessThan": "c5.1.0.2498",
        "status": "affected",
        "version": "c5.0.x",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
qnap	www.qnap.com/en/security-advisory/qsa-23-37

21 Nov 2024 08:04Current

5.7Medium risk

Vulners AI Score5.7

CVSS 3.13.8 - 7.2

EPSS0.00081

SSVC

cve-2023-32971 qnap operating system vulnerability buffer copy code execution network security patch nvd