QnapCVELIST:CVE-2021-28801CVE-2021-28801 Out-of-Bounds Read Vulnerability in QSS
3.1 Low
CVSS3
Attack Vector
ADJACENT
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
7.4 High
AI Score
Confidence
High
0.002 Low
EPSS
Percentile
53.0%
An out-of-bounds read vulnerability has been reported to affect certain QNAP switches running QSS. If exploited, this vulnerability allows attackers to read sensitive information on the system. This issue affects: QNAP Systems Inc. QSS versions prior to 1.0.2 build 20210122 on QSW-M2108-2C; versions prior to 1.0.2 build 20210122 on QSW-M2108-2S; versions prior to 1.0.2 build 20210122 on QSW-M2108R-2C.
CNA Affected
[
{
"platforms": [
"QSW-M2108-2C"
],
"product": "QSS",
"vendor": "QNAP Systems Inc.",
"versions": [
{
"lessThan": "1.0.2 build 20210122",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"platforms": [
"QSW-M2108-2S"
],
"product": "QSS",
"vendor": "QNAP Systems Inc.",
"versions": [
{
"lessThan": "1.0.2 build 20210122",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"platforms": [
"QSW-M2108R-2C"
],
"product": "QSS",
"vendor": "QNAP Systems Inc.",
"versions": [
{
"lessThan": "1.0.2 build 20210122",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
]Related
3.1 Low
CVSS3
Attack Vector
ADJACENT
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
7.4 High
AI Score
Confidence
High
0.002 Low
EPSS
Percentile
53.0%