Lucene search

[email protected]NVD:CVE-2013-6276

HistoryAug 09, 2021 - 6:15 p.m.

CVE-2013-6276

2021-08-0918:15:07

CWE-798

[email protected]

web.nvd.nist.gov

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

0.005 Low

EPSS

Percentile

76.5%

JSON

QNAP F_VioCard 2312 and F_VioGate 2308 have hardcoded entries in authorized_keys files. NOTE: 1. All active models are not affected. The last affected model was EOL since 2010. 2. The legacy authorization mechanism is no longer adopted in all active models

Affected configurations

NVD

Node

qnapviocard-30_firmwareMatch2312_2.1.0

AND

qnapviocard-30Match-

Node

qnapviocard-100_firmwareMatch-

AND

qnapviocard-100Match-

Node

qnapviocard-300_firmwareMatchrc_b3722

qnapviocard-300_firmwareMatchrs_b4631

AND

qnapviocard-300Match-

Node

qnapviogate-340a_firmwareMatch-

AND

qnapviogate-340aMatch-

Node

qnapviogate-340_firmwareMatch2308_2.1.0

AND

qnapviogate-340Match-

References

firmware.re/vulns/acsa-2013-002.php

web.archive.org/web/20210320190014/http://firmware.re/vulns/acsa-2013-002.php

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

0.005 Low

EPSS

Percentile

76.5%

JSON

Related for NVD:CVE-2013-6276

cvelist1 prion1 cve1