Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistQnapCVELIST:CVE-2018-19943
HistoryOct 28, 2020 - 5:55 p.m.

CVE-2018-19943

2020-10-2817:55:18
CWE-80
CWE-79
qnap
www.cve.org

8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H

7.9 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

54.9%

JSON

If exploited, this cross-site scripting vulnerability could allow remote attackers to inject malicious code. QNAP has already fixed these issues in the following QTS versions. QTS 4.4.2.1270 build 20200410 and later QTS 4.4.1.1261 build 20200330 and later QTS 4.3.6.1263 build 20200330 and later QTS 4.3.4.1282 build 20200408 and later QTS 4.3.3.1252 build 20200409 and later QTS 4.2.6 build 20200421 and later

CNA Affected

[
  {
    "platforms": [
      "build 20200410"
    ],
    "product": "QTS",
    "vendor": "QNAP Systems Inc.",
    "versions": [
      {
        "lessThan": "4.4.2.1270",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  },
  {
    "platforms": [
      "build 20200330"
    ],
    "product": "QTS",
    "vendor": "QNAP Systems Inc.",
    "versions": [
      {
        "lessThan": "4.4.1.1261",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      },
      {
        "lessThan": "4.3.6.1263",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  },
  {
    "platforms": [
      "build 20200408"
    ],
    "product": "QTS",
    "vendor": "QNAP Systems Inc.",
    "versions": [
      {
        "lessThan": "4.3.4.1282",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  },
  {
    "platforms": [
      "build 20200409"
    ],
    "product": "QTS",
    "vendor": "QNAP Systems Inc.",
    "versions": [
      {
        "lessThan": "4.3.3.1252",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  },
  {
    "platforms": [
      "build 20200421"
    ],
    "product": "QTS",
    "vendor": "QNAP Systems Inc.",
    "versions": [
      {
        "lessThan": "4.2.6",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  }
]

Related

checkpoint_advisories 1
nvd 1
prion 1
cve 1
attackerkb 1
cisa_kev 1
openvas 1
nessus 1
checkpoint_advisories
checkpoint_advisories
QNAP FileStation Cross Site Scripting (CVE-2018-19943)
2022-06-27 00:00:00
nvd
nvd
CVE-2018-19943
2020-10-28 18:15:12
prion
prion
Cross site scripting
2020-10-28 18:15:00
cve
cve
CVE-2018-19943
2020-10-28 18:15:12
attackerkb
attackerkb
CVE-2018-19943
2020-10-28 00:00:00
cisa_kev
cisa_kev
QNAP NAS File Station Cross-Site Scripting Vulnerability
2022-05-24 00:00:00
openvas
openvas
QNAP QTS Multiple Vulnerabilities (QSA-20-01)
2020-06-26 00:00:00
nessus
nessus
QNAP QTS Multiple Vulnerabilities in File Station (QSA-20-01)
2022-05-26 00:00:00

8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H

7.9 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

54.9%

JSON
Related for CVELIST:CVE-2018-19943
checkpoint_advisories1nvd1prion1cve1attackerkb1cisa_kev1openvas1nessus1