CVE-2023-47564

An incorrect permission assignment for critical resource vulnerability has been reported to affect Qsync Central. If exploited, the vulnerability could allow authenticated users to read or modify the resource via a network. We have already fixed the vulnerability in the following versions: Qsync Central 4.4.0.15 ( 2024/01/04 ) and later Qsync Central 4.3.0.11 ( 2024/01/11 ) and later
References
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:qnap:qsync_central:*:*:*:*:*:*:*:*
cpe:2.3:a:qnap:qsync_central:*:*:*:*:*:*:*:*

History

09 Feb 2024, 19:33

Type Values Removed Values Added
First Time Qnap
Qnap qsync Central
CPE cpe:2.3:a:qnap:qsync_central:*:*:*:*:*:*:*:*
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 8.1
References () https://www.qnap.com/en/security-advisory/qsa-24-03 - () https://www.qnap.com/en/security-advisory/qsa-24-03 - Vendor Advisory

02 Feb 2024, 16:30

Type Values Removed Values Added
New CVE

Information

Published : 2024-02-02 16:15

Updated : 2024-02-28 20:54


NVD link : CVE-2023-47564

Mitre link : CVE-2023-47564

CVE.ORG link : CVE-2023-47564


JSON object : View

Products Affected

qnap

  • qsync_central
CWE
CWE-732

Incorrect Permission Assignment for Critical Resource