Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2021-44054
HistoryMay 05, 2022 - 5:15 p.m.

CVE-2021-44054

2022-05-0517:15:10
CWE-601
[email protected]
web.nvd.nist.gov

5.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:P/A:N

6.1 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

0.001 Low

EPSS

Percentile

30.4%

JSON

An open redirect vulnerability has been reported to affect QNAP device running QuTScloud, QuTS hero and QTS. If exploited, this vulnerability allows attackers to redirect users to an untrusted page that contains malware. We have already fixed this vulnerability in the following versions of QuTScloud, QuTS hero and QTS: QuTScloud c5.0.1.1949 and later QuTS hero h5.0.0.1949 build 20220215 and later QuTS hero h4.5.4.1951 build 20220218 and later QTS 5.0.0.1986 build 20220324 and later QTS 4.5.4.1991 build 20220329 and later

Affected configurations

NVD
Node
qnapqtsRange5.0.0.17165.0.0.1986
OR
qnapqtsRange4.3.3.01744.3.3.1945
OR
qnapqtsRange4.3.4.08994.3.4.1976
OR
qnapqtsRange4.3.6.08954.3.6.1965
OR
qnapqtsRange4.4.0.08834.5.4.1991
OR
qnapqtsMatch4.2.6build_20170517
OR
qnapqtsMatch4.2.6build_20190322
OR
qnapqtsMatch4.2.6build_20190730
OR
qnapqtsMatch4.2.6build_20190921
OR
qnapqtsMatch4.2.6build_20191107
OR
qnapqtsMatch4.2.6build_20200109
OR
qnapqtsMatch4.2.6build_20200421
OR
qnapqtsMatch4.2.6build_20200611
OR
qnapqtsMatch4.2.6build_20200821
OR
qnapqtsMatch4.2.6build_20210327
OR
qnapqtsMatch4.2.6build_20211215
OR
qnapquts_heroRange<h4.5.4.1771
OR
qnapquts_heroRangeh5.0.0.1772h5.0.0.1986
OR
qnapqutscloudRange<c5.0.1.1998

Related

cvelist 1
cve 1
prion 1
openvas 3
thn 1
cvelist
cvelist
CVE-2021-44054 Open redirect
2022-05-06 00:00:00
cve
cve
CVE-2021-44054
2022-05-06 00:00:00
prion
prion
Open redirect
2022-05-05 17:15:00
openvas
openvas
QNAP QuTS hero Multiple Vulnerabilities (QSA-22-16)
2022-05-30 00:00:00
QNAP QTS Multiple Vulnerabilities (QSA-22-16)
2022-05-06 00:00:00
QNAP QuTScloud Multiple Vulnerabilities (QSA-22-16)
2022-05-30 00:00:00
thn
thn
QNAP Releases Firmware Patches for 9 New Flaws Affecting NAS Devices
2022-05-07 03:20:00

5.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:P/A:N

6.1 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

0.001 Low

EPSS

Percentile

30.4%

JSON
Related for NVD:CVE-2021-44054
cvelist1cve1prion1openvas3thn1