Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CERTFR-2020-AVI-844
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans les produits Qnap. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un contournement de la politique de sécurité et une atteinte à la confidentialité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "QuTS hero versions ant\u00e9rieures \u00e0 h4.5.1.1491 build 20201119",
"product": {
"name": "QuTS hero",
"vendor": {
"name": "Qnap",
"scada": false
}
}
},
{
"description": "QES versions ant\u00e9rieures \u00e0 2.1.1 Build 20201006",
"product": {
"name": "N/A",
"vendor": {
"name": "Qnap",
"scada": false
}
}
},
{
"description": "QTS versions ant\u00e9rieures \u00e0 4.5.1.1495 build 20201123",
"product": {
"name": "QTS",
"vendor": {
"name": "Qnap",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2020-2499",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2499"
},
{
"name": "CVE-2020-2504",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2504"
},
{
"name": "CVE-2020-25847",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-25847"
},
{
"name": "CVE-2020-2503",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2503"
},
{
"name": "CVE-2020-2505",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2505"
},
{
"name": "CVE-2016-6903",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-6903"
}
],
"links": [],
"reference": "CERTFR-2020-AVI-844",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2020-12-23T00:00:00.000000"
}
],
"risks": [
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Qnap.\nCertaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une\nex\u00e9cution de code arbitraire \u00e0 distance, un contournement de la\npolitique de s\u00e9curit\u00e9 et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Qnap",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Qnap qsa-20-17 du 23 d\u00e9cembre 2020",
"url": "https://www.qnap.com/fr-fr/security-advisory/qsa-20-17"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Qnap qsa-20-19 du 23 d\u00e9cembre 2020",
"url": "https://www.qnap.com/fr-fr/security-advisory/qsa-20-19"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Qnap qsa-20-20 du 23 d\u00e9cembre 2020",
"url": "https://www.qnap.com/fr-fr/security-advisory/qsa-20-20"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Qnap qsa-20-18 du 23 d\u00e9cembre 2020",
"url": "https://www.qnap.com/fr-fr/security-advisory/qsa-20-18"
}
]
}
CVE-2020-2503 (GCVE-0-2020-2503)
Vulnerability from cvelistv5 – Published: 2020-12-24 01:39 – Updated: 2024-09-17 03:07
VLAI?
EPSS
Summary
If exploited, this stored cross-site scripting vulnerability could allow remote attackers to inject malicious code in File Station. QNAP has already fixed these issues in QES 2.1.1 Build 20201006 and later.
Severity ?
9 (Critical)
CWE
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| QNAP Systems Inc. | QES |
Affected:
unspecified , < 2.1.1
(custom)
|
Credits
TIM Security Red Team Research
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T07:09:54.672Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.qnap.com/zh-tw/security-advisory/qsa-20-17"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"platforms": [
"build 20201006"
],
"product": "QES",
"vendor": "QNAP Systems Inc.",
"versions": [
{
"lessThan": "2.1.1",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "TIM Security Red Team Research"
}
],
"datePublic": "2020-12-23T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "If exploited, this stored cross-site scripting vulnerability could allow remote attackers to inject malicious code in File Station. QNAP has already fixed these issues in QES 2.1.1 Build 20201006 and later."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Cross-site Scripting (XSS)",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-80",
"description": "CWE-80 Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-749",
"description": "CWE-749 Exposed Dangerous Method or Function",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-12-31T16:33:28",
"orgId": "2fd009eb-170a-4625-932b-17a53af1051f",
"shortName": "qnap"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.qnap.com/zh-tw/security-advisory/qsa-20-17"
}
],
"solutions": [
{
"lang": "en",
"value": "QNAP has already fixed these issues in QES 2.1.1 Build 20201006 and later."
}
],
"source": {
"advisory": "QSA-20-17",
"discovery": "EXTERNAL"
},
"title": "Stored cross-site scripting vulnerability in QES",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@qnap.com",
"DATE_PUBLIC": "2020-12-23T05:49:00.000Z",
"ID": "CVE-2020-2503",
"STATE": "PUBLIC",
"TITLE": "Stored cross-site scripting vulnerability in QES"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "QES",
"version": {
"version_data": [
{
"platform": "build 20201006",
"version_affected": "\u003c",
"version_value": "2.1.1"
}
]
}
}
]
},
"vendor_name": "QNAP Systems Inc."
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "TIM Security Red Team Research"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "If exploited, this stored cross-site scripting vulnerability could allow remote attackers to inject malicious code in File Station. QNAP has already fixed these issues in QES 2.1.1 Build 20201006 and later."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79 Cross-site Scripting (XSS)"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "CWE-80 Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "CWE-749 Exposed Dangerous Method or Function"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.qnap.com/zh-tw/security-advisory/qsa-20-17",
"refsource": "MISC",
"url": "https://www.qnap.com/zh-tw/security-advisory/qsa-20-17"
}
]
},
"solution": [
{
"lang": "en",
"value": "QNAP has already fixed these issues in QES 2.1.1 Build 20201006 and later."
}
],
"source": {
"advisory": "QSA-20-17",
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "2fd009eb-170a-4625-932b-17a53af1051f",
"assignerShortName": "qnap",
"cveId": "CVE-2020-2503",
"datePublished": "2020-12-24T01:39:08.389271Z",
"dateReserved": "2019-12-09T00:00:00",
"dateUpdated": "2024-09-17T03:07:20.826Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-25847 (GCVE-0-2020-25847)
Vulnerability from cvelistv5 – Published: 2020-12-29 07:10 – Updated: 2024-09-16 16:28
VLAI?
EPSS
Summary
This command injection vulnerability allows attackers to execute arbitrary commands in a compromised application. QNAP have already fixed this vulnerability in the following versions of QTS and QuTS hero.
Severity ?
8.8 (High)
CWE
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | |||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| QNAP Systems Inc. | QTS |
Affected:
unspecified , < 4.5.1.1495
(custom)
|
|||||||||||||||||
|
|||||||||||||||||||
Credits
CFF of Topsec Alpha Team
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T15:40:37.029Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.qnap.com/en/security-advisory/qsa-20-20"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"platforms": [
"build 20201123"
],
"product": "QTS",
"vendor": "QNAP Systems Inc.",
"versions": [
{
"lessThan": "4.5.1.1495",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"platforms": [
"build 20200930"
],
"product": "QTS",
"vendor": "QNAP Systems Inc.",
"versions": [
{
"lessThanOrEqual": "4.4.3.1444",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "QTS",
"vendor": "QNAP Systems Inc.",
"versions": [
{
"status": "unaffected",
"version": "4.3.x"
},
{
"status": "unaffected",
"version": "4.2.x"
}
]
},
{
"platforms": [
"build 20201119"
],
"product": "QuTS hero",
"vendor": "QNAP Systems Inc.",
"versions": [
{
"lessThan": "h4.5.1.1491",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "CFF of Topsec Alpha Team"
}
],
"datePublic": "2020-12-30T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "This command injection vulnerability allows attackers to execute arbitrary commands in a compromised application. QNAP have already fixed this vulnerability in the following versions of QTS and QuTS hero."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-77",
"description": "CWE-77 Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 OS Command Injection",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-12-29T07:10:12",
"orgId": "cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e",
"shortName": "twcert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.qnap.com/en/security-advisory/qsa-20-20"
}
],
"solutions": [
{
"lang": "en",
"value": "QNAP have already fixed this vulnerability in the following versions of QTS and QuTS hero.\n\nQuTS hero h4.5.1.1491 build 20201119 and later\nQTS 4.5.1.1495 build 20201123 and later\n\nThis issue does not affect QTS 4.3.x and QTS 4.2.x."
}
],
"source": {
"advisory": "QSA-20-20",
"discovery": "EXTERNAL"
},
"title": "Command Injection Vulnerability in QTS and QuTS hero",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"AKA": "TWCERT/CC",
"ASSIGNER": "cve@cert.org.tw",
"DATE_PUBLIC": "2020-12-30T06:00:00.000Z",
"ID": "CVE-2020-25847",
"STATE": "PUBLIC",
"TITLE": "Command Injection Vulnerability in QTS and QuTS hero"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "QTS",
"version": {
"version_data": [
{
"platform": "build 20201123",
"version_affected": "\u003c",
"version_value": "4.5.1.1495"
},
{
"platform": "build 20200930",
"version_affected": "\u003c=",
"version_value": "4.4.3.1444"
},
{
"version_affected": "!",
"version_value": "4.3.x"
},
{
"version_affected": "!",
"version_value": "4.2.x"
}
]
}
},
{
"product_name": "QuTS hero",
"version": {
"version_data": [
{
"platform": "build 20201119",
"version_affected": "\u003c",
"version_value": "h4.5.1.1491"
}
]
}
}
]
},
"vendor_name": "QNAP Systems Inc."
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "CFF of Topsec Alpha Team"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "This command injection vulnerability allows attackers to execute arbitrary commands in a compromised application. QNAP have already fixed this vulnerability in the following versions of QTS and QuTS hero."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-77 Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "CWE-78 OS Command Injection"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.qnap.com/en/security-advisory/qsa-20-20",
"refsource": "MISC",
"url": "https://www.qnap.com/en/security-advisory/qsa-20-20"
}
]
},
"solution": [
{
"lang": "en",
"value": "QNAP have already fixed this vulnerability in the following versions of QTS and QuTS hero.\n\nQuTS hero h4.5.1.1491 build 20201119 and later\nQTS 4.5.1.1495 build 20201123 and later\n\nThis issue does not affect QTS 4.3.x and QTS 4.2.x."
}
],
"source": {
"advisory": "QSA-20-20",
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e",
"assignerShortName": "twcert",
"cveId": "CVE-2020-25847",
"datePublished": "2020-12-29T07:10:13.047777Z",
"dateReserved": "2020-09-23T00:00:00",
"dateUpdated": "2024-09-16T16:28:10.857Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-2505 (GCVE-0-2020-2505)
Vulnerability from cvelistv5 – Published: 2020-12-24 01:39 – Updated: 2024-09-16 21:07
VLAI?
EPSS
Summary
If exploited, this vulnerability could allow attackers to gain sensitive information via generation of error messages. QNAP has already fixed these issues in QES 2.1.1 Build 20201006 and later.
Severity ?
CWE
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| QNAP Systems Inc. | QES |
Affected:
unspecified , < 2.1.1
(custom)
|
Credits
TIM Security Red Team Research
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T07:09:54.406Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.qnap.com/zh-tw/security-advisory/qsa-20-17"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"platforms": [
"build 20201006"
],
"product": "QES",
"vendor": "QNAP Systems Inc.",
"versions": [
{
"lessThan": "2.1.1",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "TIM Security Red Team Research"
}
],
"datePublic": "2020-12-23T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "If exploited, this vulnerability could allow attackers to gain sensitive information via generation of error messages. QNAP has already fixed these issues in QES 2.1.1 Build 20201006 and later."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 2.3,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-209",
"description": "CWE-209 Information Exposure Through an Error Message",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-755",
"description": "CWE-755 Improper Handling of Exceptional Conditions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-12-31T16:33:28",
"orgId": "2fd009eb-170a-4625-932b-17a53af1051f",
"shortName": "qnap"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.qnap.com/zh-tw/security-advisory/qsa-20-17"
}
],
"solutions": [
{
"lang": "en",
"value": "QNAP has already fixed these issues in QES 2.1.1 Build 20201006 and later."
}
],
"source": {
"advisory": "QSA-20-17",
"discovery": "EXTERNAL"
},
"title": "Sensitive information via generation of error messages vulnerability in QES",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@qnap.com",
"DATE_PUBLIC": "2020-12-23T05:49:00.000Z",
"ID": "CVE-2020-2505",
"STATE": "PUBLIC",
"TITLE": "Sensitive information via generation of error messages vulnerability in QES"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "QES",
"version": {
"version_data": [
{
"platform": "build 20201006",
"version_affected": "\u003c",
"version_value": "2.1.1"
}
]
}
}
]
},
"vendor_name": "QNAP Systems Inc."
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "TIM Security Red Team Research"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "If exploited, this vulnerability could allow attackers to gain sensitive information via generation of error messages. QNAP has already fixed these issues in QES 2.1.1 Build 20201006 and later."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 2.3,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-209 Information Exposure Through an Error Message"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "CWE-755 Improper Handling of Exceptional Conditions"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.qnap.com/zh-tw/security-advisory/qsa-20-17",
"refsource": "MISC",
"url": "https://www.qnap.com/zh-tw/security-advisory/qsa-20-17"
}
]
},
"solution": [
{
"lang": "en",
"value": "QNAP has already fixed these issues in QES 2.1.1 Build 20201006 and later."
}
],
"source": {
"advisory": "QSA-20-17",
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "2fd009eb-170a-4625-932b-17a53af1051f",
"assignerShortName": "qnap",
"cveId": "CVE-2020-2505",
"datePublished": "2020-12-24T01:39:48.218705Z",
"dateReserved": "2019-12-09T00:00:00",
"dateUpdated": "2024-09-16T21:07:28.461Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-6903 (GCVE-0-2016-6903)
Vulnerability from cvelistv5 – Published: 2017-04-24 19:00 – Updated: 2024-08-06 01:43
VLAI?
EPSS
Summary
lshell 0.9.16 allows remote authenticated users to break out of a limited shell and execute arbitrary commands.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:43:38.461Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1369345"
},
{
"name": "92591",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/92591"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=834946"
},
{
"name": "[oss-security] 20160822 Re: CVE Request: lshell: shell outbreak vulnerabilities via bad syntax parse and multiline commands",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2016/08/22/17"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/ghantoos/lshell/issues/149"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/ghantoos/lshell/commit/e72dfcd1f258193f9aaea3591ecbdaed207661a0"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/ghantoos/lshell/pull/153/commits/a686f71732a3d0f16df52ef46ab8a49ee0083c68"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-08-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "lshell 0.9.16 allows remote authenticated users to break out of a limited shell and execute arbitrary commands."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-04-24T18:57:01",
"orgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
"shortName": "debian"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1369345"
},
{
"name": "92591",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/92591"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=834946"
},
{
"name": "[oss-security] 20160822 Re: CVE Request: lshell: shell outbreak vulnerabilities via bad syntax parse and multiline commands",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2016/08/22/17"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/ghantoos/lshell/issues/149"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/ghantoos/lshell/commit/e72dfcd1f258193f9aaea3591ecbdaed207661a0"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/ghantoos/lshell/pull/153/commits/a686f71732a3d0f16df52ef46ab8a49ee0083c68"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@debian.org",
"ID": "CVE-2016-6903",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "lshell 0.9.16 allows remote authenticated users to break out of a limited shell and execute arbitrary commands."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1369345",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1369345"
},
{
"name": "92591",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/92591"
},
{
"name": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=834946",
"refsource": "CONFIRM",
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=834946"
},
{
"name": "[oss-security] 20160822 Re: CVE Request: lshell: shell outbreak vulnerabilities via bad syntax parse and multiline commands",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/08/22/17"
},
{
"name": "https://github.com/ghantoos/lshell/issues/149",
"refsource": "CONFIRM",
"url": "https://github.com/ghantoos/lshell/issues/149"
},
{
"name": "https://github.com/ghantoos/lshell/commit/e72dfcd1f258193f9aaea3591ecbdaed207661a0",
"refsource": "CONFIRM",
"url": "https://github.com/ghantoos/lshell/commit/e72dfcd1f258193f9aaea3591ecbdaed207661a0"
},
{
"name": "https://github.com/ghantoos/lshell/pull/153/commits/a686f71732a3d0f16df52ef46ab8a49ee0083c68",
"refsource": "CONFIRM",
"url": "https://github.com/ghantoos/lshell/pull/153/commits/a686f71732a3d0f16df52ef46ab8a49ee0083c68"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
"assignerShortName": "debian",
"cveId": "CVE-2016-6903",
"datePublished": "2017-04-24T19:00:00",
"dateReserved": "2016-08-22T00:00:00",
"dateUpdated": "2024-08-06T01:43:38.461Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-2499 (GCVE-0-2020-2499)
Vulnerability from cvelistv5 – Published: 2020-12-24 01:38 – Updated: 2024-09-17 03:18
VLAI?
EPSS
Summary
A hard-coded password vulnerability has been reported to affect earlier versions of QES. If exploited, this vulnerability could allow attackers to log in with a hard-coded password. QNAP has already fixed the issue in QES 2.1.1 Build 20200515 and later.
Severity ?
6.3 (Medium)
CWE
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| QNAP Systems Inc. | QES |
Affected:
unspecified , < 2.1.1
(custom)
|
Credits
Lodestone Security
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T07:09:54.172Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.qnap.com/zh-tw/security-advisory/qsa-20-19"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"platforms": [
"build 20200515"
],
"product": "QES",
"vendor": "QNAP Systems Inc.",
"versions": [
{
"lessThan": "2.1.1",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Lodestone Security"
}
],
"datePublic": "2020-12-23T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A hard-coded password vulnerability has been reported to affect earlier versions of QES. If exploited, this vulnerability could allow attackers to log in with a hard-coded password. QNAP has already fixed the issue in QES 2.1.1 Build 20200515 and later."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:L/I:H/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-259",
"description": "CWE-259 Use of Hard-coded Password",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-798",
"description": "CWE-798 Use of Hard-coded Credentials",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-522",
"description": "CWE-522 Insufficiently Protected Credentials",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-12-31T16:33:28",
"orgId": "2fd009eb-170a-4625-932b-17a53af1051f",
"shortName": "qnap"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.qnap.com/zh-tw/security-advisory/qsa-20-19"
}
],
"solutions": [
{
"lang": "en",
"value": "QNAP has already fixed the issue in QES 2.1.1 Build 20200515 and later."
}
],
"source": {
"advisory": "QSA-20-19",
"discovery": "EXTERNAL"
},
"title": "Hard-coded Password Vulnerability in QES",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@qnap.com",
"DATE_PUBLIC": "2020-12-23T05:49:00.000Z",
"ID": "CVE-2020-2499",
"STATE": "PUBLIC",
"TITLE": "Hard-coded Password Vulnerability in QES"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "QES",
"version": {
"version_data": [
{
"platform": "build 20200515",
"version_affected": "\u003c",
"version_value": "2.1.1"
}
]
}
}
]
},
"vendor_name": "QNAP Systems Inc."
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Lodestone Security"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A hard-coded password vulnerability has been reported to affect earlier versions of QES. If exploited, this vulnerability could allow attackers to log in with a hard-coded password. QNAP has already fixed the issue in QES 2.1.1 Build 20200515 and later."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:L/I:H/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-259 Use of Hard-coded Password"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "CWE-798 Use of Hard-coded Credentials"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "CWE-522 Insufficiently Protected Credentials"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.qnap.com/zh-tw/security-advisory/qsa-20-19",
"refsource": "MISC",
"url": "https://www.qnap.com/zh-tw/security-advisory/qsa-20-19"
}
]
},
"solution": [
{
"lang": "en",
"value": "QNAP has already fixed the issue in QES 2.1.1 Build 20200515 and later."
}
],
"source": {
"advisory": "QSA-20-19",
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "2fd009eb-170a-4625-932b-17a53af1051f",
"assignerShortName": "qnap",
"cveId": "CVE-2020-2499",
"datePublished": "2020-12-24T01:38:14.895132Z",
"dateReserved": "2019-12-09T00:00:00",
"dateUpdated": "2024-09-17T03:18:12.926Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-2504 (GCVE-0-2020-2504)
Vulnerability from cvelistv5 – Published: 2020-12-24 01:39 – Updated: 2024-09-17 00:25
VLAI?
EPSS
Summary
If exploited, this absolute path traversal vulnerability could allow attackers to traverse files in File Station. QNAP has already fixed these issues in QES 2.1.1 Build 20201006 and later.
Severity ?
5.8 (Medium)
CWE
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| QNAP Systems Inc. | QES |
Affected:
unspecified , < 2.1.1
(custom)
|
Credits
TIM Security Red Team Research
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T07:09:54.618Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.qnap.com/zh-tw/security-advisory/qsa-20-17"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"platforms": [
"build 20201006"
],
"product": "QES",
"vendor": "QNAP Systems Inc.",
"versions": [
{
"lessThan": "2.1.1",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "TIM Security Red Team Research"
}
],
"datePublic": "2020-12-23T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "If exploited, this absolute path traversal vulnerability could allow attackers to traverse files in File Station. QNAP has already fixed these issues in QES 2.1.1 Build 20201006 and later."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-73",
"description": "CWE-73 External Control of File Name or Path",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284 Improper Access Control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-12-31T16:33:28",
"orgId": "2fd009eb-170a-4625-932b-17a53af1051f",
"shortName": "qnap"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.qnap.com/zh-tw/security-advisory/qsa-20-17"
}
],
"solutions": [
{
"lang": "en",
"value": "QNAP has already fixed these issues in QES 2.1.1 Build 20201006 and later."
}
],
"source": {
"advisory": "QSA-20-17",
"discovery": "EXTERNAL"
},
"title": "Absolute path traversal vulnerability in QES",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@qnap.com",
"DATE_PUBLIC": "2020-12-23T05:49:00.000Z",
"ID": "CVE-2020-2504",
"STATE": "PUBLIC",
"TITLE": "Absolute path traversal vulnerability in QES"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "QES",
"version": {
"version_data": [
{
"platform": "build 20201006",
"version_affected": "\u003c",
"version_value": "2.1.1"
}
]
}
}
]
},
"vendor_name": "QNAP Systems Inc."
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "TIM Security Red Team Research"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "If exploited, this absolute path traversal vulnerability could allow attackers to traverse files in File Station. QNAP has already fixed these issues in QES 2.1.1 Build 20201006 and later."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "CWE-73 External Control of File Name or Path"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "CWE-20 Improper Input Validation"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "CWE-284 Improper Access Control"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.qnap.com/zh-tw/security-advisory/qsa-20-17",
"refsource": "MISC",
"url": "https://www.qnap.com/zh-tw/security-advisory/qsa-20-17"
}
]
},
"solution": [
{
"lang": "en",
"value": "QNAP has already fixed these issues in QES 2.1.1 Build 20201006 and later."
}
],
"source": {
"advisory": "QSA-20-17",
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "2fd009eb-170a-4625-932b-17a53af1051f",
"assignerShortName": "qnap",
"cveId": "CVE-2020-2504",
"datePublished": "2020-12-24T01:39:28.422487Z",
"dateReserved": "2019-12-09T00:00:00",
"dateUpdated": "2024-09-17T00:25:31.081Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…