gsd-2023-39301
Vulnerability from gsd
Modified
2023-12-13 01:20
Details
A server-side request forgery (SSRF) vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated users to read application data via a network.
We have already fixed the vulnerability in the following versions:
QTS 5.0.1.2514 build 20230906 and later
QTS 5.1.1.2491 build 20230815 and later
QuTS hero h5.0.1.2515 build 20230907 and later
QuTS hero h5.1.1.2488 build 20230812 and later
QuTScloud c5.1.0.2498 and later
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2023-39301",
"id": "GSD-2023-39301"
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2023-39301"
],
"details": "A server-side request forgery (SSRF) vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated users to read application data via a network.\n\nWe have already fixed the vulnerability in the following versions:\nQTS 5.0.1.2514 build 20230906 and later\nQTS 5.1.1.2491 build 20230815 and later\nQuTS hero h5.0.1.2515 build 20230907 and later\nQuTS hero h5.1.1.2488 build 20230812 and later\nQuTScloud c5.1.0.2498 and later\n",
"id": "GSD-2023-39301",
"modified": "2023-12-13T01:20:33.165586Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "security@qnap.com",
"ID": "CVE-2023-39301",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "QTS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "5.0.x",
"version_value": "5.0.1.2514 build 20230906"
},
{
"version_affected": "\u003c",
"version_name": "5.1.x",
"version_value": "5.1.1.2491 build 20230815"
}
]
}
},
{
"product_name": "QuTS hero",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "h5.0.x",
"version_value": "h5.0.1.2515 build 20230907"
},
{
"version_affected": "\u003c",
"version_name": "h5.1.x",
"version_value": "h5.1.1.2488 build 20230812"
}
]
}
},
{
"product_name": "QuTScloud",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "c5.x.x",
"version_value": "c5.1.0.2498"
}
]
}
}
]
},
"vendor_name": "QNAP Systems Inc."
}
]
}
},
"credits": [
{
"lang": "en",
"value": "Aymen BORGI and Ibrahim AYADHI from RandoriSec"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A server-side request forgery (SSRF) vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated users to read application data via a network.\n\nWe have already fixed the vulnerability in the following versions:\nQTS 5.0.1.2514 build 20230906 and later\nQTS 5.1.1.2491 build 20230815 and later\nQuTS hero h5.0.1.2515 build 20230907 and later\nQuTS hero h5.1.1.2488 build 20230812 and later\nQuTScloud c5.1.0.2498 and later\n"
}
]
},
"generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"cweId": "CWE-918",
"lang": "eng",
"value": "CWE-918"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.qnap.com/en/security-advisory/qsa-23-51",
"refsource": "MISC",
"url": "https://www.qnap.com/en/security-advisory/qsa-23-51"
}
]
},
"solution": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "We have already fixed the vulnerability in the following versions:\u003cbr\u003eQTS 5.0.1.2514 build 20230906 and later\u003cbr\u003eQTS 5.1.1.2491 build 20230815 and later\u003cbr\u003eQuTS hero h5.0.1.2515 build 20230907 and later\u003cbr\u003eQuTS hero h5.1.1.2488 build 20230812 and later\u003cbr\u003eQuTScloud c5.1.0.2498 and later\u003cbr\u003e"
}
],
"value": "We have already fixed the vulnerability in the following versions:\nQTS 5.0.1.2514 build 20230906 and later\nQTS 5.1.1.2491 build 20230815 and later\nQuTS hero h5.0.1.2515 build 20230907 and later\nQuTS hero h5.1.1.2488 build 20230812 and later\nQuTScloud c5.1.0.2498 and later\n"
}
],
"source": {
"advisory": "QSA-23-51",
"discovery": "EXTERNAL"
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:qnap:qts:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "5.1.1.2491",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:qnap:qts:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "5.0.1.2514",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:qnap:quts_hero:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "h5.1.1.2488",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:qnap:quts_hero:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "h5.0.1.2515",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:qnap:qutscloud:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "c5.1.0.2498",
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "security@qnap.com",
"ID": "CVE-2023-39301"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "A server-side request forgery (SSRF) vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated users to read application data via a network.\n\nWe have already fixed the vulnerability in the following versions:\nQTS 5.0.1.2514 build 20230906 and later\nQTS 5.1.1.2491 build 20230815 and later\nQuTS hero h5.0.1.2515 build 20230907 and later\nQuTS hero h5.1.1.2488 build 20230812 and later\nQuTScloud c5.1.0.2498 and later\n"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-918"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.qnap.com/en/security-advisory/qsa-23-51",
"refsource": "MISC",
"tags": [
"Vendor Advisory"
],
"url": "https://www.qnap.com/en/security-advisory/qsa-23-51"
}
]
}
},
"impact": {
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
},
"lastModifiedDate": "2023-11-14T15:29Z",
"publishedDate": "2023-11-03T17:15Z"
}
}
}
Loading...
Loading...
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.