Vulnerability-Lookup

CVE-2023-32975 (GCVE-0-2023-32975)

Vulnerability from cvelistv5 – Published: 2023-12-08 16:07 – Updated: 2025-05-27 14:47

Title

QTS, QuTS hero

Summary

A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.0.1.2514 build 20230906 and later QTS 5.1.2.2533 build 20230926 and later QuTS hero h5.0.1.2515 build 20230907 and later QuTS hero h5.1.2.2534 build 20230927 and later

Severity

4.9 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

CWE

CWE-120

Assigner

qnap

References

1 reference

URL	Tags
https://www.qnap.com/en/security-advisory/qsa-23-07

Impacted products

2 products

Vendor	Product	Version
QNAP Systems Inc.	QTS	Affected: 5.0.x , < 5.0.1.2514 build 20230906 (custom) Affected: 5.1.x , < 5.1.2.2533 build 20230926 (custom)
QNAP Systems Inc.	QuTS hero	Affected: h5.0.x , < h5.0.1.2515 build 20230907 (custom) Affected: h5.1.x , < h5.1.2.2534 build 20230927 (custom)

Credits

Jiaxu Zhao && Bingwei Peng

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T15:32:46.334Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.qnap.com/en/security-advisory/qsa-23-07"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-32975",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-05-27T14:47:19.542895Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-05-27T14:47:36.100Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "QTS",
          "vendor": "QNAP Systems Inc.",
          "versions": [
            {
              "lessThan": "5.0.1.2514 build 20230906",
              "status": "affected",
              "version": "5.0.x",
              "versionType": "custom"
            },
            {
              "lessThan": "5.1.2.2533 build 20230926",
              "status": "affected",
              "version": "5.1.x",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "QuTS hero",
          "vendor": "QNAP Systems Inc.",
          "versions": [
            {
              "lessThan": "h5.0.1.2515 build 20230907",
              "status": "affected",
              "version": "h5.0.x",
              "versionType": "custom"
            },
            {
              "lessThan": "h5.1.2.2534 build 20230927",
              "status": "affected",
              "version": "h5.1.x",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "user": "00000000-0000-4000-9000-000000000000",
          "value": "Jiaxu Zhao \u0026\u0026 Bingwei Peng"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network.\u003cbr\u003e\u003cbr\u003eWe have already fixed the vulnerability in the following versions:\u003cbr\u003eQTS 5.0.1.2514 build 20230906 and later\u003cbr\u003eQTS 5.1.2.2533 build 20230926 and later\u003cbr\u003eQuTS hero h5.0.1.2515 build 20230907 and later\u003cbr\u003eQuTS hero h5.1.2.2534 build 20230927 and later\u003cbr\u003e"
            }
          ],
          "value": "A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network.\n\nWe have already fixed the vulnerability in the following versions:\nQTS 5.0.1.2514 build 20230906 and later\nQTS 5.1.2.2533 build 20230926 and later\nQuTS hero h5.0.1.2515 build 20230907 and later\nQuTS hero h5.1.2.2534 build 20230927 and later\n"
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-100",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-100"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 4.9,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-120",
              "description": "CWE-120",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-12-08T16:07:05.465Z",
        "orgId": "2fd009eb-170a-4625-932b-17a53af1051f",
        "shortName": "qnap"
      },
      "references": [
        {
          "url": "https://www.qnap.com/en/security-advisory/qsa-23-07"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "We have already fixed the vulnerability in the following versions:\u003cbr\u003eQTS 5.0.1.2514 build 20230906 and later\u003cbr\u003eQTS 5.1.2.2533 build 20230926 and later\u003cbr\u003eQuTS hero h5.0.1.2515 build 20230907 and later\u003cbr\u003eQuTS hero h5.1.2.2534 build 20230927 and later\u003cbr\u003e"
            }
          ],
          "value": "We have already fixed the vulnerability in the following versions:\nQTS 5.0.1.2514 build 20230906 and later\nQTS 5.1.2.2533 build 20230926 and later\nQuTS hero h5.0.1.2515 build 20230907 and later\nQuTS hero h5.1.2.2534 build 20230927 and later\n"
        }
      ],
      "source": {
        "advisory": "QSA-23-07",
        "discovery": "EXTERNAL"
      },
      "title": "QTS, QuTS hero",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "2fd009eb-170a-4625-932b-17a53af1051f",
    "assignerShortName": "qnap",
    "cveId": "CVE-2023-32975",
    "datePublished": "2023-12-08T16:07:05.465Z",
    "dateReserved": "2023-05-16T10:44:49.056Z",
    "dateUpdated": "2025-05-27T14:47:36.100Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2023-32975",
      "date": "2026-05-27",
      "epss": "0.00068",
      "percentile": "0.20861"
    },
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:qnap:qts:5.1.0.2348:build_20230325:*:*:*:*:*:*\", \"matchCriteriaId\": \"39382CBA-EA68-426A-AC07-A9A26E722CAB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:qnap:qts:5.1.0.2399:build_20230515:*:*:*:*:*:*\", \"matchCriteriaId\": \"BCB37C08-1DF7-4AF4-9BB1-C562E5643B5A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:qnap:qts:5.1.0.2418:build_20230603:*:*:*:*:*:*\", \"matchCriteriaId\": \"8368130C-F26D-41FE-8D78-B103A23B5327\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:qnap:qts:5.1.0.2444:build_20230629:*:*:*:*:*:*\", \"matchCriteriaId\": \"3E0EE181-78AF-4C3C-90A4-C69A2DE6E176\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:qnap:qts:5.1.0.2466:build_20230721:*:*:*:*:*:*\", \"matchCriteriaId\": \"56E3AE06-78DA-4844-ADC1-09A35F1C5B54\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:qnap:qts:5.1.1.2491:build_20230815:*:*:*:*:*:*\", \"matchCriteriaId\": \"D2AA7A32-0DA8-4417-A23E-C4F563BC7819\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:qnap:qts:5.0.1.2034:build_20220515:*:*:*:*:*:*\", \"matchCriteriaId\": \"A014C53A-6057-46C3-ABE9-A0ACA785425B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:qnap:qts:5.0.1.2079:build_20220629:*:*:*:*:*:*\", \"matchCriteriaId\": \"D57801C1-0E7C-482F-816E-A405DE4A86C2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:qnap:qts:5.0.1.2131:build_20220820:*:*:*:*:*:*\", \"matchCriteriaId\": \"DE301B1C-4E3E-4AC4-80BB-D06BE16D0C64\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:qnap:qts:5.0.1.2137:build_20220826:*:*:*:*:*:*\", \"matchCriteriaId\": \"582171F1-ADD6-4F68-8539-154E53A783A7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:qnap:qts:5.0.1.2145:build_20220903:*:*:*:*:*:*\", \"matchCriteriaId\": \"B621B512-940C-4C16-A64F-3E577B9DE6B8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:qnap:qts:5.0.1.2173:build_20221001:*:*:*:*:*:*\", \"matchCriteriaId\": \"F05F874D-52CB-49A1-AF3B-A0503C33710C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:qnap:qts:5.0.1.2194:build_20221022:*:*:*:*:*:*\", \"matchCriteriaId\": \"86123F0E-3A48-45EB-B8C6-7A953E7719D9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:qnap:qts:5.0.1.2234:build_20221201:*:*:*:*:*:*\", \"matchCriteriaId\": \"644159A6-4018-4BDB-863B-94F5725534EA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:qnap:qts:5.0.1.2248:build_20221215:*:*:*:*:*:*\", \"matchCriteriaId\": \"EB42C492-9259-4A03-A65C-EACDD31E543A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:qnap:qts:5.0.1.2277:build_20230112:*:*:*:*:*:*\", \"matchCriteriaId\": \"1CECD991-E1F0-4B6B-8CA4-2EEFBA071622\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:qnap:qts:5.0.1.2346:build_20230322:*:*:*:*:*:*\", \"matchCriteriaId\": \"55711131-A764-4E5C-9FF9-19DD601F5081\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:qnap:qts:5.0.1.2376:build_20230421:*:*:*:*:*:*\", \"matchCriteriaId\": \"45C6A343-D973-4A54-B547-7B90599F97AD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:qnap:qts:5.0.1.2425:build_20230609:*:*:*:*:*:*\", \"matchCriteriaId\": \"77F60935-8B27-4D1A-909F-70A8AAE7B346\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:qnap:quts_hero:h5.1.0.2409:build_20230525:*:*:*:*:*:*\", \"matchCriteriaId\": \"6CA398A8-EBDF-4D41-B15E-7B763F885021\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:qnap:quts_hero:h5.1.0.2424:build_20230609:*:*:*:*:*:*\", \"matchCriteriaId\": \"F63A5ED2-ECC2-49A0-BFA9-548E35ACD6C7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:qnap:quts_hero:h5.1.0.2453:build_20230708:*:*:*:*:*:*\", \"matchCriteriaId\": \"53387FAC-7BE0-47D7-99BF-2B1F03C17CC3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:qnap:quts_hero:h5.1.0.2466:build_20230721:*:*:*:*:*:*\", \"matchCriteriaId\": \"D4226394-0023-4CD2-BB89-77251BF92FF3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:qnap:quts_hero:h5.1.1.2488:build_20230812:*:*:*:*:*:*\", \"matchCriteriaId\": \"646257F7-D4A4-43B0-91F2-7850338B3CA1\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:qnap:quts_hero:h5.0.1.2045:build_20220526:*:*:*:*:*:*\", \"matchCriteriaId\": \"698DB6DC-9262-48A2-9232-DFC97C8BBB61\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:qnap:quts_hero:h5.0.1.2192:build_20221020:*:*:*:*:*:*\", \"matchCriteriaId\": \"A728F1BE-B17B-4721-9C9E-97A666CAD07B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:qnap:quts_hero:h5.0.1.2248:build_20221215:*:*:*:*:*:*\", \"matchCriteriaId\": \"85EC894E-2C81-4A9D-9AC7-2ADF74ADE7E5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:qnap:quts_hero:h5.0.1.2269:build_20230104:*:*:*:*:*:*\", \"matchCriteriaId\": \"8C4C9FDD-FD44-44E7-B552-40E94AC32A23\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:qnap:quts_hero:h5.0.1.2277:build_20230112:*:*:*:*:*:*\", \"matchCriteriaId\": \"81BA2B4F-1665-4505-96FD-FCDEE7D77583\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:qnap:quts_hero:h5.0.1.2348:build_20230324:*:*:*:*:*:*\", \"matchCriteriaId\": \"3A28B922-56DF-434B-82B8-1BFC69ED5C70\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:qnap:quts_hero:h5.0.1.2376:build_20230421:*:*:*:*:*:*\", \"matchCriteriaId\": \"08349EE1-5D49-402F-9E3F-FFAC9D39FBCB\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network.\\n\\nWe have already fixed the vulnerability in the following versions:\\nQTS 5.0.1.2514 build 20230906 and later\\nQTS 5.1.2.2533 build 20230926 and later\\nQuTS hero h5.0.1.2515 build 20230907 and later\\nQuTS hero h5.1.2.2534 build 20230927 and later\\n\"}, {\"lang\": \"es\", \"value\": \"Se ha informado que una copia del b\\u00fafer sin verificar el tama\\u00f1o de la vulnerabilidad de entrada afecta a varias versiones del sistema operativo QNAP. Si se explota, la vulnerabilidad podr\\u00eda permitir a los administradores autenticados ejecutar c\\u00f3digo a trav\\u00e9s de una red. Ya hemos solucionado la vulnerabilidad en las siguientes versiones: QTS 5.0.1.2514 compilaci\\u00f3n 20230906 y posteriores QTS 5.1.2.2533 compilaci\\u00f3n 20230926 y posteriores QuTS hero h5.0.1.2515 compilaci\\u00f3n 20230907 y posteriores QuTS hero h5.1.2.2534 compilaci\\u00f3n 20230927 y posteriores\"}]",
      "id": "CVE-2023-32975",
      "lastModified": "2024-11-21T08:04:19.710",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"security@qnapsecurity.com.tw\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H\", \"baseScore\": 4.9, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"HIGH\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 1.2, \"impactScore\": 3.6}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 7.2, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"HIGH\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 1.2, \"impactScore\": 5.9}]}",
      "published": "2023-12-08T16:15:16.153",
      "references": "[{\"url\": \"https://www.qnap.com/en/security-advisory/qsa-23-07\", \"source\": \"security@qnapsecurity.com.tw\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://www.qnap.com/en/security-advisory/qsa-23-07\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}]",
      "sourceIdentifier": "security@qnapsecurity.com.tw",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"security@qnapsecurity.com.tw\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-120\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2023-32975\",\"sourceIdentifier\":\"security@qnapsecurity.com.tw\",\"published\":\"2023-12-08T16:15:16.153\",\"lastModified\":\"2024-11-21T08:04:19.710\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network.\\n\\nWe have already fixed the vulnerability in the following versions:\\nQTS 5.0.1.2514 build 20230906 and later\\nQTS 5.1.2.2533 build 20230926 and later\\nQuTS hero h5.0.1.2515 build 20230907 and later\\nQuTS hero h5.1.2.2534 build 20230927 and later\\n\"},{\"lang\":\"es\",\"value\":\"Se ha informado que una copia del b\u00fafer sin verificar el tama\u00f1o de la vulnerabilidad de entrada afecta a varias versiones del sistema operativo QNAP. Si se explota, la vulnerabilidad podr\u00eda permitir a los administradores autenticados ejecutar c\u00f3digo a trav\u00e9s de una red. Ya hemos solucionado la vulnerabilidad en las siguientes versiones: QTS 5.0.1.2514 compilaci\u00f3n 20230906 y posteriores QTS 5.1.2.2533 compilaci\u00f3n 20230926 y posteriores QuTS hero h5.0.1.2515 compilaci\u00f3n 20230907 y posteriores QuTS hero h5.1.2.2534 compilaci\u00f3n 20230927 y posteriores\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security@qnapsecurity.com.tw\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":4.9,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"HIGH\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.2,\"impactScore\":3.6},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":7.2,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"HIGH\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.2,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"security@qnapsecurity.com.tw\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-120\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qnap:qts:5.1.0.2348:build_20230325:*:*:*:*:*:*\",\"matchCriteriaId\":\"39382CBA-EA68-426A-AC07-A9A26E722CAB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qnap:qts:5.1.0.2399:build_20230515:*:*:*:*:*:*\",\"matchCriteriaId\":\"BCB37C08-1DF7-4AF4-9BB1-C562E5643B5A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qnap:qts:5.1.0.2418:build_20230603:*:*:*:*:*:*\",\"matchCriteriaId\":\"8368130C-F26D-41FE-8D78-B103A23B5327\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qnap:qts:5.1.0.2444:build_20230629:*:*:*:*:*:*\",\"matchCriteriaId\":\"3E0EE181-78AF-4C3C-90A4-C69A2DE6E176\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qnap:qts:5.1.0.2466:build_20230721:*:*:*:*:*:*\",\"matchCriteriaId\":\"56E3AE06-78DA-4844-ADC1-09A35F1C5B54\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qnap:qts:5.1.1.2491:build_20230815:*:*:*:*:*:*\",\"matchCriteriaId\":\"D2AA7A32-0DA8-4417-A23E-C4F563BC7819\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qnap:qts:5.0.1.2034:build_20220515:*:*:*:*:*:*\",\"matchCriteriaId\":\"A014C53A-6057-46C3-ABE9-A0ACA785425B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qnap:qts:5.0.1.2079:build_20220629:*:*:*:*:*:*\",\"matchCriteriaId\":\"D57801C1-0E7C-482F-816E-A405DE4A86C2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qnap:qts:5.0.1.2131:build_20220820:*:*:*:*:*:*\",\"matchCriteriaId\":\"DE301B1C-4E3E-4AC4-80BB-D06BE16D0C64\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qnap:qts:5.0.1.2137:build_20220826:*:*:*:*:*:*\",\"matchCriteriaId\":\"582171F1-ADD6-4F68-8539-154E53A783A7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qnap:qts:5.0.1.2145:build_20220903:*:*:*:*:*:*\",\"matchCriteriaId\":\"B621B512-940C-4C16-A64F-3E577B9DE6B8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qnap:qts:5.0.1.2173:build_20221001:*:*:*:*:*:*\",\"matchCriteriaId\":\"F05F874D-52CB-49A1-AF3B-A0503C33710C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qnap:qts:5.0.1.2194:build_20221022:*:*:*:*:*:*\",\"matchCriteriaId\":\"86123F0E-3A48-45EB-B8C6-7A953E7719D9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qnap:qts:5.0.1.2234:build_20221201:*:*:*:*:*:*\",\"matchCriteriaId\":\"644159A6-4018-4BDB-863B-94F5725534EA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qnap:qts:5.0.1.2248:build_20221215:*:*:*:*:*:*\",\"matchCriteriaId\":\"EB42C492-9259-4A03-A65C-EACDD31E543A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qnap:qts:5.0.1.2277:build_20230112:*:*:*:*:*:*\",\"matchCriteriaId\":\"1CECD991-E1F0-4B6B-8CA4-2EEFBA071622\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qnap:qts:5.0.1.2346:build_20230322:*:*:*:*:*:*\",\"matchCriteriaId\":\"55711131-A764-4E5C-9FF9-19DD601F5081\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qnap:qts:5.0.1.2376:build_20230421:*:*:*:*:*:*\",\"matchCriteriaId\":\"45C6A343-D973-4A54-B547-7B90599F97AD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qnap:qts:5.0.1.2425:build_20230609:*:*:*:*:*:*\",\"matchCriteriaId\":\"77F60935-8B27-4D1A-909F-70A8AAE7B346\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qnap:quts_hero:h5.1.0.2409:build_20230525:*:*:*:*:*:*\",\"matchCriteriaId\":\"6CA398A8-EBDF-4D41-B15E-7B763F885021\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qnap:quts_hero:h5.1.0.2424:build_20230609:*:*:*:*:*:*\",\"matchCriteriaId\":\"F63A5ED2-ECC2-49A0-BFA9-548E35ACD6C7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qnap:quts_hero:h5.1.0.2453:build_20230708:*:*:*:*:*:*\",\"matchCriteriaId\":\"53387FAC-7BE0-47D7-99BF-2B1F03C17CC3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qnap:quts_hero:h5.1.0.2466:build_20230721:*:*:*:*:*:*\",\"matchCriteriaId\":\"D4226394-0023-4CD2-BB89-77251BF92FF3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qnap:quts_hero:h5.1.1.2488:build_20230812:*:*:*:*:*:*\",\"matchCriteriaId\":\"646257F7-D4A4-43B0-91F2-7850338B3CA1\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qnap:quts_hero:h5.0.1.2045:build_20220526:*:*:*:*:*:*\",\"matchCriteriaId\":\"698DB6DC-9262-48A2-9232-DFC97C8BBB61\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qnap:quts_hero:h5.0.1.2192:build_20221020:*:*:*:*:*:*\",\"matchCriteriaId\":\"A728F1BE-B17B-4721-9C9E-97A666CAD07B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qnap:quts_hero:h5.0.1.2248:build_20221215:*:*:*:*:*:*\",\"matchCriteriaId\":\"85EC894E-2C81-4A9D-9AC7-2ADF74ADE7E5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qnap:quts_hero:h5.0.1.2269:build_20230104:*:*:*:*:*:*\",\"matchCriteriaId\":\"8C4C9FDD-FD44-44E7-B552-40E94AC32A23\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qnap:quts_hero:h5.0.1.2277:build_20230112:*:*:*:*:*:*\",\"matchCriteriaId\":\"81BA2B4F-1665-4505-96FD-FCDEE7D77583\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qnap:quts_hero:h5.0.1.2348:build_20230324:*:*:*:*:*:*\",\"matchCriteriaId\":\"3A28B922-56DF-434B-82B8-1BFC69ED5C70\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qnap:quts_hero:h5.0.1.2376:build_20230421:*:*:*:*:*:*\",\"matchCriteriaId\":\"08349EE1-5D49-402F-9E3F-FFAC9D39FBCB\"}]}]}],\"references\":[{\"url\":\"https://www.qnap.com/en/security-advisory/qsa-23-07\",\"source\":\"security@qnapsecurity.com.tw\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.qnap.com/en/security-advisory/qsa-23-07\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://www.qnap.com/en/security-advisory/qsa-23-07\", \"tags\": [\"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-02T15:32:46.334Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2023-32975\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-05-27T14:47:19.542895Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-05-27T14:47:29.056Z\"}}], \"cna\": {\"title\": \"QTS, QuTS hero\", \"source\": {\"advisory\": \"QSA-23-07\", \"discovery\": \"EXTERNAL\"}, \"credits\": [{\"lang\": \"en\", \"type\": \"finder\", \"user\": \"00000000-0000-4000-9000-000000000000\", \"value\": \"Jiaxu Zhao \u0026\u0026 Bingwei Peng\"}], \"impacts\": [{\"capecId\": \"CAPEC-100\", \"descriptions\": [{\"lang\": \"en\", \"value\": \"CAPEC-100\"}]}], \"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 4.9, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"HIGH\", \"confidentialityImpact\": \"NONE\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"QNAP Systems Inc.\", \"product\": \"QTS\", \"versions\": [{\"status\": \"affected\", \"version\": \"5.0.x\", \"lessThan\": \"5.0.1.2514 build 20230906\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"5.1.x\", \"lessThan\": \"5.1.2.2533 build 20230926\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"QNAP Systems Inc.\", \"product\": \"QuTS hero\", \"versions\": [{\"status\": \"affected\", \"version\": \"h5.0.x\", \"lessThan\": \"h5.0.1.2515 build 20230907\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"h5.1.x\", \"lessThan\": \"h5.1.2.2534 build 20230927\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unaffected\"}], \"solutions\": [{\"lang\": \"en\", \"value\": \"We have already fixed the vulnerability in the following versions:\\nQTS 5.0.1.2514 build 20230906 and later\\nQTS 5.1.2.2533 build 20230926 and later\\nQuTS hero h5.0.1.2515 build 20230907 and later\\nQuTS hero h5.1.2.2534 build 20230927 and later\\n\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"We have already fixed the vulnerability in the following versions:\u003cbr\u003eQTS 5.0.1.2514 build 20230906 and later\u003cbr\u003eQTS 5.1.2.2533 build 20230926 and later\u003cbr\u003eQuTS hero h5.0.1.2515 build 20230907 and later\u003cbr\u003eQuTS hero h5.1.2.2534 build 20230927 and later\u003cbr\u003e\", \"base64\": false}]}], \"references\": [{\"url\": \"https://www.qnap.com/en/security-advisory/qsa-23-07\"}], \"x_generator\": {\"engine\": \"Vulnogram 0.1.0-dev\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network.\\n\\nWe have already fixed the vulnerability in the following versions:\\nQTS 5.0.1.2514 build 20230906 and later\\nQTS 5.1.2.2533 build 20230926 and later\\nQuTS hero h5.0.1.2515 build 20230907 and later\\nQuTS hero h5.1.2.2534 build 20230927 and later\\n\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network.\u003cbr\u003e\u003cbr\u003eWe have already fixed the vulnerability in the following versions:\u003cbr\u003eQTS 5.0.1.2514 build 20230906 and later\u003cbr\u003eQTS 5.1.2.2533 build 20230926 and later\u003cbr\u003eQuTS hero h5.0.1.2515 build 20230907 and later\u003cbr\u003eQuTS hero h5.1.2.2534 build 20230927 and later\u003cbr\u003e\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-120\", \"description\": \"CWE-120\"}]}], \"providerMetadata\": {\"orgId\": \"2fd009eb-170a-4625-932b-17a53af1051f\", \"shortName\": \"qnap\", \"dateUpdated\": \"2023-12-08T16:07:05.465Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2023-32975\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-05-27T14:47:36.100Z\", \"dateReserved\": \"2023-05-16T10:44:49.056Z\", \"assignerOrgId\": \"2fd009eb-170a-4625-932b-17a53af1051f\", \"datePublished\": \"2023-12-08T16:07:05.465Z\", \"assignerShortName\": \"qnap\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

CERTFR-2023-AVI-1011

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été découvertes dans les produits Qnap. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur, une exécution de code arbitraire et une injection de code indirecte à distance (XSS).

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Qnap	QuTS hero	Qnap QuTS hero h5.0.x versions antérieures à h5.0.1.2515 build 20230907
Qnap	QTS	Qnap QTS 5.0.x versions antérieures à 5.0.1.2514 build 20230906
Qnap	QTS	Qnap QTS 4.5.x versions antérieures à 4.5.4.2467 build 20230718
Qnap	QTS	Qnap QTS 5.1.x versions antérieures à 5.1.3.2578 build 20231110
Qnap	QVR	Qnap QVR Firmware 4.x versions antérieures à 5.x
Qnap	QuTS hero	Qnap QuTS hero h5.1.x versions antérieures à h5.1.3.2578 build 20231110
Qnap	QuTS hero	Qnap QuTS hero h4.5.x versions antérieures à h4.5.4.2476 build 20230728

References

Title

Publication Time

CERTFR-2023-AVI-1011

Vulnerability from certfr_avis - Published: - Updated:

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Qnap	QuTS hero	Qnap QuTS hero h5.0.x versions antérieures à h5.0.1.2515 build 20230907
Qnap	QTS	Qnap QTS 5.0.x versions antérieures à 5.0.1.2514 build 20230906
Qnap	QTS	Qnap QTS 4.5.x versions antérieures à 4.5.4.2467 build 20230718
Qnap	QTS	Qnap QTS 5.1.x versions antérieures à 5.1.3.2578 build 20231110
Qnap	QVR	Qnap QVR Firmware 4.x versions antérieures à 5.x
Qnap	QuTS hero	Qnap QuTS hero h5.1.x versions antérieures à h5.1.3.2578 build 20231110
Qnap	QuTS hero	Qnap QuTS hero h4.5.x versions antérieures à h4.5.4.2476 build 20230728

References

Title

Publication Time

FKIE_CVE-2023-32975

Vulnerability from fkie_nvd - Published: 2023-12-08 16:15 - Updated: 2024-11-21 08:04

Severity

4.9 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Summary

References

	URL	Tags
	security@qnapsecurity.com.tw	https://www.qnap.com/en/security-advisory/qsa-23-07	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://www.qnap.com/en/security-advisory/qsa-23-07	Vendor Advisory

Impacted products

Vendor	Product	Version
qnap	qts	5.1.0.2348
qnap	qts	5.1.0.2399
qnap	qts	5.1.0.2418
qnap	qts	5.1.0.2444
qnap	qts	5.1.0.2466
qnap	qts	5.1.1.2491
qnap	qts	5.0.1.2034
qnap	qts	5.0.1.2079
qnap	qts	5.0.1.2131
qnap	qts	5.0.1.2137
qnap	qts	5.0.1.2145
qnap	qts	5.0.1.2173
qnap	qts	5.0.1.2194
qnap	qts	5.0.1.2234
qnap	qts	5.0.1.2248
qnap	qts	5.0.1.2277
qnap	qts	5.0.1.2346
qnap	qts	5.0.1.2376
qnap	qts	5.0.1.2425
qnap	quts_hero	h5.1.0.2409
qnap	quts_hero	h5.1.0.2424
qnap	quts_hero	h5.1.0.2453
qnap	quts_hero	h5.1.0.2466
qnap	quts_hero	h5.1.1.2488
qnap	quts_hero	h5.0.1.2045
qnap	quts_hero	h5.0.1.2192
qnap	quts_hero	h5.0.1.2248
qnap	quts_hero	h5.0.1.2269
qnap	quts_hero	h5.0.1.2277
qnap	quts_hero	h5.0.1.2348
qnap	quts_hero	h5.0.1.2376

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qnap:qts:5.1.0.2348:build_20230325:*:*:*:*:*:*",
              "matchCriteriaId": "39382CBA-EA68-426A-AC07-A9A26E722CAB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:qnap:qts:5.1.0.2399:build_20230515:*:*:*:*:*:*",
              "matchCriteriaId": "BCB37C08-1DF7-4AF4-9BB1-C562E5643B5A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:qnap:qts:5.1.0.2418:build_20230603:*:*:*:*:*:*",
              "matchCriteriaId": "8368130C-F26D-41FE-8D78-B103A23B5327",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:qnap:qts:5.1.0.2444:build_20230629:*:*:*:*:*:*",
              "matchCriteriaId": "3E0EE181-78AF-4C3C-90A4-C69A2DE6E176",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:qnap:qts:5.1.0.2466:build_20230721:*:*:*:*:*:*",
              "matchCriteriaId": "56E3AE06-78DA-4844-ADC1-09A35F1C5B54",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:qnap:qts:5.1.1.2491:build_20230815:*:*:*:*:*:*",
              "matchCriteriaId": "D2AA7A32-0DA8-4417-A23E-C4F563BC7819",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qnap:qts:5.0.1.2034:build_20220515:*:*:*:*:*:*",
              "matchCriteriaId": "A014C53A-6057-46C3-ABE9-A0ACA785425B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:qnap:qts:5.0.1.2079:build_20220629:*:*:*:*:*:*",
              "matchCriteriaId": "D57801C1-0E7C-482F-816E-A405DE4A86C2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:qnap:qts:5.0.1.2131:build_20220820:*:*:*:*:*:*",
              "matchCriteriaId": "DE301B1C-4E3E-4AC4-80BB-D06BE16D0C64",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:qnap:qts:5.0.1.2137:build_20220826:*:*:*:*:*:*",
              "matchCriteriaId": "582171F1-ADD6-4F68-8539-154E53A783A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:qnap:qts:5.0.1.2145:build_20220903:*:*:*:*:*:*",
              "matchCriteriaId": "B621B512-940C-4C16-A64F-3E577B9DE6B8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:qnap:qts:5.0.1.2173:build_20221001:*:*:*:*:*:*",
              "matchCriteriaId": "F05F874D-52CB-49A1-AF3B-A0503C33710C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:qnap:qts:5.0.1.2194:build_20221022:*:*:*:*:*:*",
              "matchCriteriaId": "86123F0E-3A48-45EB-B8C6-7A953E7719D9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:qnap:qts:5.0.1.2234:build_20221201:*:*:*:*:*:*",
              "matchCriteriaId": "644159A6-4018-4BDB-863B-94F5725534EA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:qnap:qts:5.0.1.2248:build_20221215:*:*:*:*:*:*",
              "matchCriteriaId": "EB42C492-9259-4A03-A65C-EACDD31E543A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:qnap:qts:5.0.1.2277:build_20230112:*:*:*:*:*:*",
              "matchCriteriaId": "1CECD991-E1F0-4B6B-8CA4-2EEFBA071622",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:qnap:qts:5.0.1.2346:build_20230322:*:*:*:*:*:*",
              "matchCriteriaId": "55711131-A764-4E5C-9FF9-19DD601F5081",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:qnap:qts:5.0.1.2376:build_20230421:*:*:*:*:*:*",
              "matchCriteriaId": "45C6A343-D973-4A54-B547-7B90599F97AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:qnap:qts:5.0.1.2425:build_20230609:*:*:*:*:*:*",
              "matchCriteriaId": "77F60935-8B27-4D1A-909F-70A8AAE7B346",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qnap:quts_hero:h5.1.0.2409:build_20230525:*:*:*:*:*:*",
              "matchCriteriaId": "6CA398A8-EBDF-4D41-B15E-7B763F885021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:qnap:quts_hero:h5.1.0.2424:build_20230609:*:*:*:*:*:*",
              "matchCriteriaId": "F63A5ED2-ECC2-49A0-BFA9-548E35ACD6C7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:qnap:quts_hero:h5.1.0.2453:build_20230708:*:*:*:*:*:*",
              "matchCriteriaId": "53387FAC-7BE0-47D7-99BF-2B1F03C17CC3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:qnap:quts_hero:h5.1.0.2466:build_20230721:*:*:*:*:*:*",
              "matchCriteriaId": "D4226394-0023-4CD2-BB89-77251BF92FF3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:qnap:quts_hero:h5.1.1.2488:build_20230812:*:*:*:*:*:*",
              "matchCriteriaId": "646257F7-D4A4-43B0-91F2-7850338B3CA1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qnap:quts_hero:h5.0.1.2045:build_20220526:*:*:*:*:*:*",
              "matchCriteriaId": "698DB6DC-9262-48A2-9232-DFC97C8BBB61",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:qnap:quts_hero:h5.0.1.2192:build_20221020:*:*:*:*:*:*",
              "matchCriteriaId": "A728F1BE-B17B-4721-9C9E-97A666CAD07B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:qnap:quts_hero:h5.0.1.2248:build_20221215:*:*:*:*:*:*",
              "matchCriteriaId": "85EC894E-2C81-4A9D-9AC7-2ADF74ADE7E5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:qnap:quts_hero:h5.0.1.2269:build_20230104:*:*:*:*:*:*",
              "matchCriteriaId": "8C4C9FDD-FD44-44E7-B552-40E94AC32A23",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:qnap:quts_hero:h5.0.1.2277:build_20230112:*:*:*:*:*:*",
              "matchCriteriaId": "81BA2B4F-1665-4505-96FD-FCDEE7D77583",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:qnap:quts_hero:h5.0.1.2348:build_20230324:*:*:*:*:*:*",
              "matchCriteriaId": "3A28B922-56DF-434B-82B8-1BFC69ED5C70",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:qnap:quts_hero:h5.0.1.2376:build_20230421:*:*:*:*:*:*",
              "matchCriteriaId": "08349EE1-5D49-402F-9E3F-FFAC9D39FBCB",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network.\n\nWe have already fixed the vulnerability in the following versions:\nQTS 5.0.1.2514 build 20230906 and later\nQTS 5.1.2.2533 build 20230926 and later\nQuTS hero h5.0.1.2515 build 20230907 and later\nQuTS hero h5.1.2.2534 build 20230927 and later\n"
    },
    {
      "lang": "es",
      "value": "Se ha informado que una copia del b\u00fafer sin verificar el tama\u00f1o de la vulnerabilidad de entrada afecta a varias versiones del sistema operativo QNAP. Si se explota, la vulnerabilidad podr\u00eda permitir a los administradores autenticados ejecutar c\u00f3digo a trav\u00e9s de una red. Ya hemos solucionado la vulnerabilidad en las siguientes versiones: QTS 5.0.1.2514 compilaci\u00f3n 20230906 y posteriores QTS 5.1.2.2533 compilaci\u00f3n 20230926 y posteriores QuTS hero h5.0.1.2515 compilaci\u00f3n 20230907 y posteriores QuTS hero h5.1.2.2534 compilaci\u00f3n 20230927 y posteriores"
    }
  ],
  "id": "CVE-2023-32975",
  "lastModified": "2024-11-21T08:04:19.710",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 4.9,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.2,
        "impactScore": 3.6,
        "source": "security@qnapsecurity.com.tw",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.2,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.2,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2023-12-08T16:15:16.153",
  "references": [
    {
      "source": "security@qnapsecurity.com.tw",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.qnap.com/en/security-advisory/qsa-23-07"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.qnap.com/en/security-advisory/qsa-23-07"
    }
  ],
  "sourceIdentifier": "security@qnapsecurity.com.tw",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-120"
        }
      ],
      "source": "security@qnapsecurity.com.tw",
      "type": "Secondary"
    }
  ]
}

GHSA-CJP2-5MJ8-82HM

Vulnerability from github – Published: 2023-12-08 18:30 – Updated: 2023-12-08 18:30

Details

We have already fixed the vulnerability in the following versions: QTS 5.0.1.2514 build 20230906 and later QTS 5.1.2.2533 build 20230926 and later QuTS hero h5.0.1.2515 build 20230907 and later QuTS hero h5.1.2.2534 build 20230927 and later

Severity

4.9 (Medium)


                  
                    CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2023-32975"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-120"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-12-08T16:15:16Z",
    "severity": "MODERATE"
  },
  "details": "A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network.\n\nWe have already fixed the vulnerability in the following versions:\nQTS 5.0.1.2514 build 20230906 and later\nQTS 5.1.2.2533 build 20230926 and later\nQuTS hero h5.0.1.2515 build 20230907 and later\nQuTS hero h5.1.2.2534 build 20230927 and later\n",
  "id": "GHSA-cjp2-5mj8-82hm",
  "modified": "2023-12-08T18:30:41Z",
  "published": "2023-12-08T18:30:41Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-32975"
    },
    {
      "type": "WEB",
      "url": "https://www.qnap.com/en/security-advisory/qsa-23-07"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GSD-2023-32975

Vulnerability from gsd - Updated: 2023-12-13 01:20

Details

Aliases

CVE-2023-32975

Aliases

CVE-2023-32975

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2023-32975",
    "id": "GSD-2023-32975"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2023-32975"
      ],
      "details": "A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network.\n\nWe have already fixed the vulnerability in the following versions:\nQTS 5.0.1.2514 build 20230906 and later\nQTS 5.1.2.2533 build 20230926 and later\nQuTS hero h5.0.1.2515 build 20230907 and later\nQuTS hero h5.1.2.2534 build 20230927 and later\n",
      "id": "GSD-2023-32975",
      "modified": "2023-12-13T01:20:23.416350Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "security@qnap.com",
        "ID": "CVE-2023-32975",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "QTS",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "\u003c",
                          "version_name": "5.0.x",
                          "version_value": "5.0.1.2514 build 20230906"
                        },
                        {
                          "version_affected": "\u003c",
                          "version_name": "5.1.x",
                          "version_value": "5.1.2.2533 build 20230926"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "QuTS hero",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "\u003c",
                          "version_name": "h5.0.x",
                          "version_value": "h5.0.1.2515 build 20230907"
                        },
                        {
                          "version_affected": "\u003c",
                          "version_name": "h5.1.x",
                          "version_value": "h5.1.2.2534 build 20230927"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "QNAP Systems Inc."
            }
          ]
        }
      },
      "credits": [
        {
          "lang": "en",
          "value": "Jiaxu Zhao \u0026\u0026 Bingwei Peng"
        }
      ],
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network.\n\nWe have already fixed the vulnerability in the following versions:\nQTS 5.0.1.2514 build 20230906 and later\nQTS 5.1.2.2533 build 20230926 and later\nQuTS hero h5.0.1.2515 build 20230907 and later\nQuTS hero h5.1.2.2534 build 20230927 and later\n"
          }
        ]
      },
      "generator": {
        "engine": "Vulnogram 0.1.0-dev"
      },
      "impact": {
        "cvss": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 4.9,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "cweId": "CWE-120",
                "lang": "eng",
                "value": "CWE-120"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://www.qnap.com/en/security-advisory/qsa-23-07",
            "refsource": "MISC",
            "url": "https://www.qnap.com/en/security-advisory/qsa-23-07"
          }
        ]
      },
      "solution": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "We have already fixed the vulnerability in the following versions:\u003cbr\u003eQTS 5.0.1.2514 build 20230906 and later\u003cbr\u003eQTS 5.1.2.2533 build 20230926 and later\u003cbr\u003eQuTS hero h5.0.1.2515 build 20230907 and later\u003cbr\u003eQuTS hero h5.1.2.2534 build 20230927 and later\u003cbr\u003e"
            }
          ],
          "value": "We have already fixed the vulnerability in the following versions:\nQTS 5.0.1.2514 build 20230906 and later\nQTS 5.1.2.2533 build 20230926 and later\nQuTS hero h5.0.1.2515 build 20230907 and later\nQuTS hero h5.1.2.2534 build 20230927 and later\n"
        }
      ],
      "source": {
        "advisory": "QSA-23-07",
        "discovery": "EXTERNAL"
      }
    },
    "nvd.nist.gov": {
      "cve": {
        "configurations": [
          {
            "nodes": [
              {
                "cpeMatch": [
                  {
                    "criteria": "cpe:2.3:o:qnap:qts:5.1.0.2348:build_20230325:*:*:*:*:*:*",
                    "matchCriteriaId": "39382CBA-EA68-426A-AC07-A9A26E722CAB",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:o:qnap:qts:5.1.0.2399:build_20230515:*:*:*:*:*:*",
                    "matchCriteriaId": "BCB37C08-1DF7-4AF4-9BB1-C562E5643B5A",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:o:qnap:qts:5.1.0.2418:build_20230603:*:*:*:*:*:*",
                    "matchCriteriaId": "8368130C-F26D-41FE-8D78-B103A23B5327",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:o:qnap:qts:5.1.0.2444:build_20230629:*:*:*:*:*:*",
                    "matchCriteriaId": "3E0EE181-78AF-4C3C-90A4-C69A2DE6E176",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:o:qnap:qts:5.1.0.2466:build_20230721:*:*:*:*:*:*",
                    "matchCriteriaId": "56E3AE06-78DA-4844-ADC1-09A35F1C5B54",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:o:qnap:qts:5.1.1.2491:build_20230815:*:*:*:*:*:*",
                    "matchCriteriaId": "D2AA7A32-0DA8-4417-A23E-C4F563BC7819",
                    "vulnerable": true
                  }
                ],
                "negate": false,
                "operator": "OR"
              }
            ]
          },
          {
            "nodes": [
              {
                "cpeMatch": [
                  {
                    "criteria": "cpe:2.3:o:qnap:qts:5.0.1.2034:build_20220515:*:*:*:*:*:*",
                    "matchCriteriaId": "A014C53A-6057-46C3-ABE9-A0ACA785425B",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:o:qnap:qts:5.0.1.2079:build_20220629:*:*:*:*:*:*",
                    "matchCriteriaId": "D57801C1-0E7C-482F-816E-A405DE4A86C2",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:o:qnap:qts:5.0.1.2131:build_20220820:*:*:*:*:*:*",
                    "matchCriteriaId": "DE301B1C-4E3E-4AC4-80BB-D06BE16D0C64",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:o:qnap:qts:5.0.1.2137:build_20220826:*:*:*:*:*:*",
                    "matchCriteriaId": "582171F1-ADD6-4F68-8539-154E53A783A7",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:o:qnap:qts:5.0.1.2145:build_20220903:*:*:*:*:*:*",
                    "matchCriteriaId": "B621B512-940C-4C16-A64F-3E577B9DE6B8",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:o:qnap:qts:5.0.1.2173:build_20221001:*:*:*:*:*:*",
                    "matchCriteriaId": "F05F874D-52CB-49A1-AF3B-A0503C33710C",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:o:qnap:qts:5.0.1.2194:build_20221022:*:*:*:*:*:*",
                    "matchCriteriaId": "86123F0E-3A48-45EB-B8C6-7A953E7719D9",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:o:qnap:qts:5.0.1.2234:build_20221201:*:*:*:*:*:*",
                    "matchCriteriaId": "644159A6-4018-4BDB-863B-94F5725534EA",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:o:qnap:qts:5.0.1.2248:build_20221215:*:*:*:*:*:*",
                    "matchCriteriaId": "EB42C492-9259-4A03-A65C-EACDD31E543A",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:o:qnap:qts:5.0.1.2277:build_20230112:*:*:*:*:*:*",
                    "matchCriteriaId": "1CECD991-E1F0-4B6B-8CA4-2EEFBA071622",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:o:qnap:qts:5.0.1.2346:build_20230322:*:*:*:*:*:*",
                    "matchCriteriaId": "55711131-A764-4E5C-9FF9-19DD601F5081",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:o:qnap:qts:5.0.1.2376:build_20230421:*:*:*:*:*:*",
                    "matchCriteriaId": "45C6A343-D973-4A54-B547-7B90599F97AD",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:o:qnap:qts:5.0.1.2425:build_20230609:*:*:*:*:*:*",
                    "matchCriteriaId": "77F60935-8B27-4D1A-909F-70A8AAE7B346",
                    "vulnerable": true
                  }
                ],
                "negate": false,
                "operator": "OR"
              }
            ]
          },
          {
            "nodes": [
              {
                "cpeMatch": [
                  {
                    "criteria": "cpe:2.3:o:qnap:quts_hero:h5.1.0.2409:build_20230525:*:*:*:*:*:*",
                    "matchCriteriaId": "6CA398A8-EBDF-4D41-B15E-7B763F885021",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:o:qnap:quts_hero:h5.1.0.2424:build_20230609:*:*:*:*:*:*",
                    "matchCriteriaId": "F63A5ED2-ECC2-49A0-BFA9-548E35ACD6C7",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:o:qnap:quts_hero:h5.1.0.2453:build_20230708:*:*:*:*:*:*",
                    "matchCriteriaId": "53387FAC-7BE0-47D7-99BF-2B1F03C17CC3",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:o:qnap:quts_hero:h5.1.0.2466:build_20230721:*:*:*:*:*:*",
                    "matchCriteriaId": "D4226394-0023-4CD2-BB89-77251BF92FF3",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:o:qnap:quts_hero:h5.1.1.2488:build_20230812:*:*:*:*:*:*",
                    "matchCriteriaId": "646257F7-D4A4-43B0-91F2-7850338B3CA1",
                    "vulnerable": true
                  }
                ],
                "negate": false,
                "operator": "OR"
              }
            ]
          },
          {
            "nodes": [
              {
                "cpeMatch": [
                  {
                    "criteria": "cpe:2.3:o:qnap:quts_hero:h5.0.1.2045:build_20220526:*:*:*:*:*:*",
                    "matchCriteriaId": "698DB6DC-9262-48A2-9232-DFC97C8BBB61",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:o:qnap:quts_hero:h5.0.1.2192:build_20221020:*:*:*:*:*:*",
                    "matchCriteriaId": "A728F1BE-B17B-4721-9C9E-97A666CAD07B",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:o:qnap:quts_hero:h5.0.1.2248:build_20221215:*:*:*:*:*:*",
                    "matchCriteriaId": "85EC894E-2C81-4A9D-9AC7-2ADF74ADE7E5",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:o:qnap:quts_hero:h5.0.1.2269:build_20230104:*:*:*:*:*:*",
                    "matchCriteriaId": "8C4C9FDD-FD44-44E7-B552-40E94AC32A23",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:o:qnap:quts_hero:h5.0.1.2277:build_20230112:*:*:*:*:*:*",
                    "matchCriteriaId": "81BA2B4F-1665-4505-96FD-FCDEE7D77583",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:o:qnap:quts_hero:h5.0.1.2348:build_20230324:*:*:*:*:*:*",
                    "matchCriteriaId": "3A28B922-56DF-434B-82B8-1BFC69ED5C70",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:o:qnap:quts_hero:h5.0.1.2376:build_20230421:*:*:*:*:*:*",
                    "matchCriteriaId": "08349EE1-5D49-402F-9E3F-FFAC9D39FBCB",
                    "vulnerable": true
                  }
                ],
                "negate": false,
                "operator": "OR"
              }
            ]
          }
        ],
        "descriptions": [
          {
            "lang": "en",
            "value": "A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network.\n\nWe have already fixed the vulnerability in the following versions:\nQTS 5.0.1.2514 build 20230906 and later\nQTS 5.1.2.2533 build 20230926 and later\nQuTS hero h5.0.1.2515 build 20230907 and later\nQuTS hero h5.1.2.2534 build 20230927 and later\n"
          },
          {
            "lang": "es",
            "value": "Se ha informado que una copia del b\u00fafer sin verificar el tama\u00f1o de la vulnerabilidad de entrada afecta a varias versiones del sistema operativo QNAP. Si se explota, la vulnerabilidad podr\u00eda permitir a los administradores autenticados ejecutar c\u00f3digo a trav\u00e9s de una red. Ya hemos solucionado la vulnerabilidad en las siguientes versiones: QTS 5.0.1.2514 compilaci\u00f3n 20230906 y posteriores QTS 5.1.2.2533 compilaci\u00f3n 20230926 y posteriores QuTS hero h5.0.1.2515 compilaci\u00f3n 20230907 y posteriores QuTS hero h5.1.2.2534 compilaci\u00f3n 20230927 y posteriores"
          }
        ],
        "id": "CVE-2023-32975",
        "lastModified": "2023-12-13T16:14:16.973",
        "metrics": {
          "cvssMetricV31": [
            {
              "cvssData": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.2,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "exploitabilityScore": 1.2,
              "impactScore": 5.9,
              "source": "nvd@nist.gov",
              "type": "Primary"
            },
            {
              "cvssData": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 4.9,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              },
              "exploitabilityScore": 1.2,
              "impactScore": 3.6,
              "source": "security@qnapsecurity.com.tw",
              "type": "Secondary"
            }
          ]
        },
        "published": "2023-12-08T16:15:16.153",
        "references": [
          {
            "source": "security@qnapsecurity.com.tw",
            "tags": [
              "Vendor Advisory"
            ],
            "url": "https://www.qnap.com/en/security-advisory/qsa-23-07"
          }
        ],
        "sourceIdentifier": "security@qnapsecurity.com.tw",
        "vulnStatus": "Analyzed",
        "weaknesses": [
          {
            "description": [
              {
                "lang": "en",
                "value": "CWE-120"
              }
            ],
            "source": "security@qnapsecurity.com.tw",
            "type": "Primary"
          }
        ]
      }
    }
  }
}

WID-SEC-W-2023-3089

Vulnerability from csaf_certbund - Published: 2023-12-10 23:00 - Updated: 2023-12-10 23:00

Summary

QNAP NAS: Mehrere Schwachstellen

Severity

Mittel

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung: QNAP ist ein Hersteller von NAS (Network Attached Storage) Lösungen.

Angriff: Ein Angreifer kann mehrere Schwachstellen in QNAP NAS ausnutzen, um einen Cross-Site Scripting Angriff durchzuführen oder Code auszuführen.

Betroffene Betriebssysteme: - Sonstiges

CVE-2023-23372

In QNAP NAS existiert eine Cross-Site Scripting Schwachstelle. HTML und Script-Eingaben werden nicht ordnungsgemäß überprüft, bevor sie an den Benutzer zurückgegeben werden. Ein entfernter, anonymer Angreifer kann durch Ausnutzung dieser Schwachstelle beliebigen HTML- und Script-Code durch den Browser des Benutzers im Kontext der betroffenen Seite ausführen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich.

CVE-2023-32975

In QNAP NAS existieren mehrere Schwachstellen. Puffer werden ohne eine sachgemäße Überprüfung der Größe der Eingabe kopiert. Ein privilegierter Angreifer kann diese Schwachstellen ausnutzen, um Code zur Ausführung zu bringen.

CVE-2023-32968

References

4 references

URL	Category
https://wid.cert-bund.de/.well-known/csaf/white/2…	self
https://wid.cert-bund.de/portal/wid/securityadvis…	self
https://www.qnap.com/de-de/security-advisory/QSA-23-07	external
https://www.qnap.com/de-de/security-advisory/QSA-23-40	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "mittel"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "QNAP ist ein Hersteller von NAS (Network Attached Storage) L\u00f6sungen.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein Angreifer kann mehrere Schwachstellen in QNAP NAS ausnutzen, um einen Cross-Site Scripting Angriff durchzuf\u00fchren oder Code auszuf\u00fchren.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Sonstiges",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2023-3089 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-3089.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2023-3089 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-3089"
      },
      {
        "category": "external",
        "summary": "QNAP Security Advisory vom 2023-12-10",
        "url": "https://www.qnap.com/de-de/security-advisory/QSA-23-07"
      },
      {
        "category": "external",
        "summary": "QNAP Security Advisory vom 2023-12-10",
        "url": "https://www.qnap.com/de-de/security-advisory/QSA-23-40"
      }
    ],
    "source_lang": "en-US",
    "title": "QNAP NAS: Mehrere Schwachstellen",
    "tracking": {
      "current_release_date": "2023-12-10T23:00:00.000+00:00",
      "generator": {
        "date": "2024-08-15T18:02:33.955+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.3.5"
        }
      },
      "id": "WID-SEC-W-2023-3089",
      "initial_release_date": "2023-12-10T23:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2023-12-10T23:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "QNAP NAS \u003c QTS 4.5.4.2467 build 20230718",
                "product": {
                  "name": "QNAP NAS \u003c QTS 4.5.4.2467 build 20230718",
                  "product_id": "T029549",
                  "product_identification_helper": {
                    "cpe": "cpe:/h:qnap:nas:qts_4.5.4.2467_build_20230718"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "QNAP NAS \u003c QuTS hero h4.5.4.2476 build 20230728",
                "product": {
                  "name": "QNAP NAS \u003c QuTS hero h4.5.4.2476 build 20230728",
                  "product_id": "T029551",
                  "product_identification_helper": {
                    "cpe": "cpe:/h:qnap:nas:quts_hero_h4.5.4.2476_build_20230728"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "QNAP NAS \u003c QTS 5.1.0.2444 build 20230629",
                "product": {
                  "name": "QNAP NAS \u003c QTS 5.1.0.2444 build 20230629",
                  "product_id": "T030513",
                  "product_identification_helper": {
                    "cpe": "cpe:/h:qnap:nas:qts_5.1.0.2444_build_20230629"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "QNAP NAS \u003c QTS 5.0.1.2425 build 20230609",
                "product": {
                  "name": "QNAP NAS \u003c QTS 5.0.1.2425 build 20230609",
                  "product_id": "T030514",
                  "product_identification_helper": {
                    "cpe": "cpe:/h:qnap:nas:qts_5.0.1.2425_build_20230609"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "QNAP NAS \u003c QuTS hero h5.1.0.2424 build 20230609",
                "product": {
                  "name": "QNAP NAS \u003c QuTS hero h5.1.0.2424 build 20230609",
                  "product_id": "T030516",
                  "product_identification_helper": {
                    "cpe": "cpe:/h:qnap:nas:quts_hero_h5.1.0.2424_build_20230609"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "QNAP NAS \u003c QTS 5.1.2.2533 build 20230926",
                "product": {
                  "name": "QNAP NAS \u003c QTS 5.1.2.2533 build 20230926",
                  "product_id": "T031543",
                  "product_identification_helper": {
                    "cpe": "cpe:/h:qnap:nas:qts_5.1.2.2533_build_20230926"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "QNAP NAS \u003c QTS 5.0.1.2514 build 20230906",
                "product": {
                  "name": "QNAP NAS \u003c QTS 5.0.1.2514 build 20230906",
                  "product_id": "T031544",
                  "product_identification_helper": {
                    "cpe": "cpe:/h:qnap:nas:qts_5.0.1.2514_build_20230906"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "QNAP NAS \u003c QuTS hero h5.1.2.2534 build 20230927",
                "product": {
                  "name": "QNAP NAS \u003c QuTS hero h5.1.2.2534 build 20230927",
                  "product_id": "T031545",
                  "product_identification_helper": {
                    "cpe": "cpe:/h:qnap:nas:quts_hero_h5.1.2.2534_build_20230927"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "QNAP NAS \u003c QuTS hero h5.0.1.2515 build 20230907",
                "product": {
                  "name": "QNAP NAS \u003c QuTS hero h5.0.1.2515 build 20230907",
                  "product_id": "T031546",
                  "product_identification_helper": {
                    "cpe": "cpe:/h:qnap:nas:quts_hero_h5.0.1.2515_build_20230907"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "NAS"
          }
        ],
        "category": "vendor",
        "name": "QNAP"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2023-23372",
      "notes": [
        {
          "category": "description",
          "text": "In QNAP NAS existiert eine Cross-Site Scripting Schwachstelle. HTML und Script-Eingaben werden nicht ordnungsgem\u00e4\u00df \u00fcberpr\u00fcft, bevor sie an den Benutzer zur\u00fcckgegeben werden. Ein entfernter, anonymer Angreifer kann durch Ausnutzung dieser Schwachstelle beliebigen HTML- und Script-Code durch den Browser des Benutzers im Kontext der betroffenen Seite ausf\u00fchren. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich."
        }
      ],
      "release_date": "2023-12-10T23:00:00.000+00:00",
      "title": "CVE-2023-23372"
    },
    {
      "cve": "CVE-2023-32975",
      "notes": [
        {
          "category": "description",
          "text": "In QNAP NAS existieren mehrere Schwachstellen. Puffer werden ohne eine sachgem\u00e4\u00dfe \u00dcberpr\u00fcfung der Gr\u00f6\u00dfe der Eingabe kopiert. Ein privilegierter Angreifer kann diese Schwachstellen ausnutzen, um Code zur Ausf\u00fchrung zu bringen."
        }
      ],
      "release_date": "2023-12-10T23:00:00.000+00:00",
      "title": "CVE-2023-32975"
    },
    {
      "cve": "CVE-2023-32968",
      "notes": [
        {
          "category": "description",
          "text": "In QNAP NAS existieren mehrere Schwachstellen. Puffer werden ohne eine sachgem\u00e4\u00dfe \u00dcberpr\u00fcfung der Gr\u00f6\u00dfe der Eingabe kopiert. Ein privilegierter Angreifer kann diese Schwachstellen ausnutzen, um Code zur Ausf\u00fchrung zu bringen."
        }
      ],
      "release_date": "2023-12-10T23:00:00.000+00:00",
      "title": "CVE-2023-32968"
    }
  ]
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2023-32975 (GCVE-0-2023-32975)

CERTFR-2023-AVI-1011

Solution

CERTFR-2023-AVI-1011

Solution

FKIE_CVE-2023-32975

GHSA-CJP2-5MJ8-82HM

GSD-2023-32975

WID-SEC-W-2023-3089

Tags

Sightings

Nomenclature