CVE-2023-39298: QTS, QuTS hero
First published: Fri Sep 06 2024(Updated: )
A missing authorization vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow local authenticated users to access data or perform actions that they should not be allowed to perform via unspecified vectors. QuTScloud, is not affected. We have already fixed the vulnerability in the following versions: QTS 5.2.0.2737 build 20240417 and later QuTS hero h5.2.0.2782 build 20240601 and later
Credit: security@qnapsecurity.com.tw
| Affected Software | Affected Version | How to fix |
|---|---|---|
| QNAP QTS | =5.1.0.2348-build_20230325 | |
| QNAP QTS | =5.1.0.2399-build_20230515 | |
| QNAP QTS | =5.1.0.2418-build_20230603 | |
| QNAP QTS | =5.1.0.2444-build_20230629 | |
| QNAP QTS | =5.1.0.2466-build_20230721 | |
| QNAP QTS | =5.1.1.2491-build_20230815 | |
| QNAP QTS | =5.1.2.2533-build_20230926 | |
| QNAP QTS | =5.1.3.2578-build_20231110 | |
| QNAP QTS | =5.1.4.2596-build_20231128 | |
| QNAP QTS | =5.1.5.2645-build_20240116 | |
| QNAP QTS | =5.1.5.2679-build_20240219 | |
| QNAP QTS | =5.1.6.2722-build_20240402 | |
| QNAP QTS | =5.1.7.2770-build_20240520 | |
| QNAP QTS | =5.1.8.2823-build_20240712 | |
| QNAP QTS | =5.2.0.2737-build_20240417 | |
| QNAP QTS | =5.2.0.2744-build_20240424 | |
| QNAP QuTS hero | =h5.1.0.2409-build_20230525 | |
| QNAP QuTS hero | =h5.1.0.2424-build_20230609 | |
| QNAP QuTS hero | =h5.1.0.2453-build_20230708 | |
| QNAP QuTS hero | =h5.1.0.2466-build_20230721 | |
| QNAP QuTS hero | =h5.1.1.2488-build_20230812 | |
| QNAP QuTS hero | =h5.1.2.2534-build_20230927 | |
| QNAP QuTS hero | =h5.1.3.2578-build_20231110 | |
| QNAP QuTS hero | =h5.1.4.2596-build_20231128 | |
| QNAP QuTS hero | =h5.1.5.2647-build_20240118 | |
| QNAP QuTS hero | =h5.1.5.2680-build_20240220 | |
| QNAP QuTS hero | =h5.1.6.2734-build_20240414 | |
| QNAP QuTS hero | =h5.1.7.2770-build_20240520 | |
| QNAP QuTS hero | =h5.1.7.2788-build_20240607 | |
| QNAP QuTS hero | =h5.1.7.2794-build_20240613 | |
| QNAP QuTS hero | =h5.1.8.2823-build_20240712 | |
| QNAP QuTS hero | =h5.2.0.2737-build_20240417 |
Remedy
We have already fixed the vulnerability in the following versions: QTS 5.2.0.2737 build 20240417 and later QuTS hero h5.2.0.2782 build 20240601 and later
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- agent/references
- agent/title
- agent/remedy
- agent/weakness
- agent/type
- agent/first-publish-date
- agent/description
- agent/author
- agent/severity
- agent/event
- collector/mitre-cve
- source/MITRE
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/last-modified-date
- agent/softwarecombine
- agent/tags
- vendor/qnap
- canonical/qnap qts
- version/qnap qts/5.1.0.2348-build_20230325
- version/qnap qts/5.1.0.2399-build_20230515
- version/qnap qts/5.1.0.2418-build_20230603
- version/qnap qts/5.1.0.2444-build_20230629
- version/qnap qts/5.1.0.2466-build_20230721
- version/qnap qts/5.1.1.2491-build_20230815
- version/qnap qts/5.1.2.2533-build_20230926
- version/qnap qts/5.1.3.2578-build_20231110
- version/qnap qts/5.1.4.2596-build_20231128
- version/qnap qts/5.1.5.2645-build_20240116
- version/qnap qts/5.1.5.2679-build_20240219
- version/qnap qts/5.1.6.2722-build_20240402
- version/qnap qts/5.1.7.2770-build_20240520
- version/qnap qts/5.1.8.2823-build_20240712
- version/qnap qts/5.2.0.2737-build_20240417
- version/qnap qts/5.2.0.2744-build_20240424
- canonical/qnap quts hero
- version/qnap quts hero/h5.1.0.2409-build_20230525
- version/qnap quts hero/h5.1.0.2424-build_20230609
- version/qnap quts hero/h5.1.0.2453-build_20230708
- version/qnap quts hero/h5.1.0.2466-build_20230721
- version/qnap quts hero/h5.1.1.2488-build_20230812
- version/qnap quts hero/h5.1.2.2534-build_20230927
- version/qnap quts hero/h5.1.3.2578-build_20231110
- version/qnap quts hero/h5.1.4.2596-build_20231128
- version/qnap quts hero/h5.1.5.2647-build_20240118
- version/qnap quts hero/h5.1.5.2680-build_20240220
- version/qnap quts hero/h5.1.6.2734-build_20240414
- version/qnap quts hero/h5.1.7.2770-build_20240520
- version/qnap quts hero/h5.1.7.2788-build_20240607
- version/qnap quts hero/h5.1.7.2794-build_20240613
- version/qnap quts hero/h5.1.8.2823-build_20240712
- version/qnap quts hero/h5.2.0.2737-build_20240417