QnapCVELIST:CVE-2021-44057CVE-2021-44057 Improper authentication in Photo Station
7.1 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N
9.7 High
AI Score
Confidence
High
0.002 Low
EPSS
Percentile
55.5%
An improper authentication vulnerability has been reported to affect QNAP device running Photo Station. If exploited, this vulnerability allows attackers to compromise the security of the system. We have already fixed this vulnerability in the following versions of Photo Station: Photo Station 6.0.20 ( 2022/02/15 ) and later Photo Station 5.7.16 ( 2022/02/11 ) and later Photo Station 5.4.13 ( 2022/02/11 ) and later
CNA Affected
[
{
"product": "Photo Station",
"vendor": "QNAP Systems Inc.",
"versions": [
{
"lessThan": "6.0.20 ( 2022/02/15 )",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "5.7.16 ( 2022/02/11 )",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "5.4.13 ( 2022/02/11 )",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
]Related
7.1 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N
9.7 High
AI Score
Confidence
High
0.002 Low
EPSS
Percentile
55.5%