QnapCVELIST:CVE-2022-27598CVE-2022-27598 QTS, QuTS hero, QuTScloud, QVP (QVR Pro appliances)
2.7 Low
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N
5.6 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
30.2%
A vulnerability has been reported to affect QNAP operating systems. If exploited, the out-of-bounds read vulnerability allows remote authenticated administrators to get secret values. The vulnerability affects the following QNAP operating systems: QTS, QuTS hero, QuTScloud, QVP (QVR Pro appliances) We have already fixed the vulnerability in the following versions: QTS 5.0.1.2346 build 20230322 and later QuTS hero h5.0.1.2348 build 20230324 and later
CNA Affected
[
{
"vendor": "QNAP Systems Inc.",
"product": "QTS",
"versions": [
{
"version": "unspecified",
"lessThan": "5.0.1.2346 build 20230322",
"status": "affected",
"versionType": "custom"
}
]
},
{
"vendor": "QNAP Systems Inc.",
"product": "QuTS hero",
"versions": [
{
"version": "unspecified",
"lessThan": "h5.0.1.2348 build 20230324",
"status": "affected",
"versionType": "custom"
}
]
}
]Related
2.7 Low
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N
5.6 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
30.2%