An incorrect permission assignment for critical resource vulnerability has been reported to affect Qsync Central. If exploited, the vulnerability could allow authenticated users to read or modify the resource via a network.
We have already fixed the vulnerability in the following versions:
Qsync Central 4.4.0.15 ( 2024/01/04 ) and later
Qsync Central 4.3.0.11 ( 2024/01/11 ) and later
References
Link | Resource |
---|---|
https://www.qnap.com/en/security-advisory/qsa-24-03 | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
09 Feb 2024, 19:33
Type | Values Removed | Values Added |
---|---|---|
First Time |
Qnap
Qnap qsync Central |
|
CPE | cpe:2.3:a:qnap:qsync_central:*:*:*:*:*:*:*:* | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 8.1 |
References | () https://www.qnap.com/en/security-advisory/qsa-24-03 - Vendor Advisory |
02 Feb 2024, 16:30
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-02-02 16:15
Updated : 2024-02-28 20:54
NVD link : CVE-2023-47564
Mitre link : CVE-2023-47564
CVE.ORG link : CVE-2023-47564
JSON object : View
Products Affected
qnap
- qsync_central
CWE
CWE-732
Incorrect Permission Assignment for Critical Resource