Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2022-27597
HistoryMar 29, 2023 - 7:15 a.m.

CVE-2022-27597

2023-03-2907:15:08
CWE-125
CWE-489
CWE-1295
[email protected]
web.nvd.nist.gov
2
qnap
remote access
vulnerability
secret values
out-of-bounds read
authentication
fixed version
operating systems

CVSS3

2.7

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N

AI Score

3.3

Confidence

High

EPSS

0.001

Percentile

30.0%

JSON

A vulnerability has been reported to affect QNAP operating systems. If exploited, the out-of-bounds read vulnerability allows remote authenticated administrators to get secret values. The vulnerability affects the following QNAP operating systems: QTS, QuTS hero, QuTScloud, QVP (QVR Pro appliances) We have already fixed the vulnerability in the following versions: QTS 5.0.1.2346 build 20230322 and later QuTS hero h5.0.1.2348 build 20230324 and later

Affected configurations

Nvd
Node
qnapqvrMatch-
OR
qnapqtsRange<5.0.1.2346
OR
qnapquts_heroRange<h5.0.1.2348
OR
qnapqutscloudMatch-
Node
qnapqvp-41b_firmwareMatch-
AND
qnapqvp-41bMatch-
Node
qnapqvp-63b_firmwareMatch-
AND
qnapqvp-63bMatch-
Node
qnapqvp-85b_firmwareMatch-
AND
qnapqvp-85bMatch-
Node
qnapqvp-21a_firmwareMatch-
AND
qnapqvp-21aMatch-
Node
qnapqvp-41a_firmwareMatch-
AND
qnapqvp-41aMatch-
Node
qnapqvp-63a_firmwareMatch-
AND
qnapqvp-63aMatch-
Node
qnapqvp-85a_firmwareMatch-
AND
qnapqvp-85aMatch-
VendorProductVersionCPE
qnapqvr-cpe:2.3:a:qnap:qvr:-:*:*:*:*:*:*:*
qnapqts*cpe:2.3:o:qnap:qts:*:*:*:*:*:*:*:*
qnapquts_hero*cpe:2.3:o:qnap:quts_hero:*:*:*:*:*:*:*:*
qnapqutscloud-cpe:2.3:o:qnap:qutscloud:-:*:*:*:*:*:*:*
qnapqvp-41b_firmware-cpe:2.3:o:qnap:qvp-41b_firmware:-:*:*:*:*:*:*:*
qnapqvp-41b-cpe:2.3:h:qnap:qvp-41b:-:*:*:*:*:*:*:*
qnapqvp-63b_firmware-cpe:2.3:o:qnap:qvp-63b_firmware:-:*:*:*:*:*:*:*
qnapqvp-63b-cpe:2.3:h:qnap:qvp-63b:-:*:*:*:*:*:*:*
qnapqvp-85b_firmware-cpe:2.3:o:qnap:qvp-85b_firmware:-:*:*:*:*:*:*:*
qnapqvp-85b-cpe:2.3:h:qnap:qvp-85b:-:*:*:*:*:*:*:*
Rows per page:
1-10 of 181

Related

prion 1
cve 1
cvelist 1
nessus 1
openvas 2
prion
prion
Design/Logic Flaw
2023-03-29 07:15:00
cve
cve
CVE-2022-27597
2023-03-29 07:15:08
cvelist
cvelist
CVE-2022-27597 QTS, QuTS hero, QuTScloud, QVP (QVR Pro appliances)
2023-03-29 00:00:00
nessus
nessus
QNAP QTS / QuTS hero Vulnerabilities in QTS, QuTS hero, QuTScloud, and QVP (QSA-23-06)
2023-04-13 00:00:00
openvas
openvas
QNAP QuTS hero Multiple Vulnerabilities (QSA-23-02, QSA-23-06, QSA-23-10, QSA-23-11, QSA-23-15)
2023-03-31 00:00:00
QNAP QTS Multiple Vulnerabilities (QSA-23-02, QSA-23-03, QSA-23-06, QSA-23-10, QSA-23-11, QSA-23-15)
2023-03-31 00:00:00

CVSS3

2.7

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N

AI Score

3.3

Confidence

High

EPSS

0.001

Percentile

30.0%

JSON
Related for NVD:CVE-2022-27597
prion1cve1cvelist1nessus1openvas2