Lucene search
K

Qnap QTS Classic Buffer Overflow (CVE-2023-23363)

🗓️ 16 Oct 2024 00:00:00Reported by TenableType 
nessus
 nessus
🔗 www.tenable.com👁 13 Views

Buffer overflow vulnerability in QNAP QT

Related
Refs
Code
ReporterTitlePublishedViews
Family
BDU FSTEC
The vulnerability of the QTS operating system, related to the execution of operations beyond the buffer in memory, allows a perpetrator to execute arbitrary code.
11 Dec 202300:00
bdu_fstec
Circl
CVE-2023-23363
22 Sep 202309:02
circl
CNNVD
QNAP Systems QTS Security Vulnerability
22 Sep 202300:00
cnnvd
CVE
CVE-2023-23363
22 Sep 202303:50
cve
Cvelist
CVE-2023-23363 QTS
22 Sep 202303:50
cvelist
EUVD
EUVD-2023-27463
3 Oct 202520:07
euvd
NVD
CVE-2023-23363
22 Sep 202304:15
nvd
OpenVAS
QNAP QTS RCE Vulnerability (QSA-23-25)
9 Oct 202300:00
openvas
OSV
CVE-2023-23363
22 Sep 202304:15
osv
Prion
Input validation
22 Sep 202304:15
prion
Rows per page
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##

include('compat.inc');

if (description)
{
  script_id(502553);
  script_version("1.2");
  script_set_attribute(attribute:"plugin_modification_date", value:"2024/10/17");

  script_cve_id("CVE-2023-23363");

  script_name(english:"Qnap QTS Classic Buffer Overflow (CVE-2023-23363)");

  script_set_attribute(attribute:"synopsis", value:
"The remote OT asset is affected by a vulnerability.");
  script_set_attribute(attribute:"description", value:
"A buffer copy without checking size of input vulnerability has been
reported to affect QNAP operating system. If exploited, the
vulnerability possibly allows remote users to execute code via
unspecified vectors. We have already fixed the vulnerability in the
following versions: QTS 4.3.6.2441 build 20230621 and later QTS
4.3.3.2420 build 20230621 and later QTS 4.2.6 build 20230621 and later
QTS 4.3.4.2451 build 20230621 and later

This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.");
  script_set_attribute(attribute:"see_also", value:"https://www.qnap.com/en/security-advisory/qsa-23-25");
  script_set_attribute(attribute:"solution", value:
"Refer to the vendor advisory.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2023-23363");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");
  script_cwe_id(120);

  script_set_attribute(attribute:"vuln_publication_date", value:"2023/09/22");
  script_set_attribute(attribute:"patch_publication_date", value:"2023/09/22");
  script_set_attribute(attribute:"plugin_publication_date", value:"2024/10/16");

  script_set_attribute(attribute:"plugin_type", value:"remote");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:qnap:qts:4.3.0");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:qnap:qts:4.2.0");
  script_set_attribute(attribute:"generated_plugin", value:"former");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Tenable.ot");

  script_copyright(english:"This script is Copyright (C) 2024 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("tenable_ot_api_integration.nasl");
  script_require_keys("Tenable.ot/Qnap");

  exit(0);
}


include('tenable_ot_cve_funcs.inc');

get_kb_item_or_exit('Tenable.ot/Qnap');

var asset = tenable_ot::assets::get(vendor:'Qnap');

var vuln_cpes = {
    "cpe:/o:qnap:qts:4.3.0" :
        {"versionStartIncluding" : "4.3.0", "versionEndExcluding" : "4.3.6.2441", "family" : "QTS"},
    "cpe:/o:qnap:qts:4.2.0" :
        {"versionStartIncluding" : "4.2.0", "versionEndExcluding" : "4.2.6", "family" : "QTS"}
};

tenable_ot::cve::compare_and_report(asset:asset, cpes:vuln_cpes, severity:SECURITY_HOLE);

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

17 Oct 2024 00:00Current
8.9High risk
Vulners AI Score8.9
CVSS 3.18.1 - 9.8
EPSS0.00765
SSVC
13