Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2018-19943
HistoryOct 28, 2020 - 6:15 p.m.

CVE-2018-19943

2020-10-2818:15:12
CWE-79
CWE-80
[email protected]
web.nvd.nist.gov

3.5 Low

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:S/C:N/I:P/A:N

5.4 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

7.5 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

54.9%

JSON

If exploited, this cross-site scripting vulnerability could allow remote attackers to inject malicious code. QNAP has already fixed these issues in the following QTS versions. QTS 4.4.2.1270 build 20200410 and later QTS 4.4.1.1261 build 20200330 and later QTS 4.3.6.1263 build 20200330 and later QTS 4.3.4.1282 build 20200408 and later QTS 4.3.3.1252 build 20200409 and later QTS 4.2.6 build 20200421 and later

Affected configurations

NVD
Node
qnapqtsRange<4.2.6
OR
qnapqtsRange4.3.1.00134.3.3.1252
OR
qnapqtsRange4.3.44.3.4.1282
OR
qnapqtsRange4.3.64.3.6.1263
OR
qnapqtsRange4.4.04.4.1.1261
OR
qnapqtsRange4.4.24.4.2.1270
OR
qnapqtsMatch4.2.6-
OR
qnapqtsMatch4.2.6build_20170517
OR
qnapqtsMatch4.2.6build_20190322
OR
qnapqtsMatch4.2.6build_20190730
OR
qnapqtsMatch4.2.6build_20190921
OR
qnapqtsMatch4.2.6build_20191107
OR
qnapqtsMatch4.2.6build_20200109
OR
qnapqtsMatch4.2.6build_20200421
OR
qnapqtsMatch4.2.6build_20200611
OR
qnapqtsMatch4.2.6build_20200821

Related

prion 1
cve 1
attackerkb 1
checkpoint_advisories 1
cvelist 1
cisa_kev 1
openvas 1
nessus 1
prion
prion
Cross site scripting
2020-10-28 18:15:00
cve
cve
CVE-2018-19943
2020-10-28 18:15:12
attackerkb
attackerkb
CVE-2018-19943
2020-10-28 00:00:00
checkpoint_advisories
checkpoint_advisories
QNAP FileStation Cross Site Scripting (CVE-2018-19943)
2022-06-27 00:00:00
cvelist
cvelist
CVE-2018-19943
2020-10-28 17:55:18
cisa_kev
cisa_kev
QNAP NAS File Station Cross-Site Scripting Vulnerability
2022-05-24 00:00:00
openvas
openvas
QNAP QTS Multiple Vulnerabilities (QSA-20-01)
2020-06-26 00:00:00
nessus
nessus
QNAP QTS Multiple Vulnerabilities in File Station (QSA-20-01)
2022-05-26 00:00:00

3.5 Low

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:S/C:N/I:P/A:N

5.4 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

7.5 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

54.9%

JSON
Related for NVD:CVE-2018-19943
prion1cve1attackerkb1checkpoint_advisories1cvelist1cisa_kev1openvas1nessus1