HIGH✓ PATCH🇬🇧 English

CVE-2021-28814

CVSS 8.8v3.1pub. 2021-06-11upd. 2024-11-21

An improper access control vulnerability has been reported to affect QNAP NAS. If exploited, this vulnerability allows remote attackers to compromise the security of the software. This issue affects: QNAP Systems Inc. Helpdesk versions prior to 3.0.4.

oryginał EN
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • Qnap Helpdesk

    APP
    Qnap
    < 3.0.4
🟢
PATCH DOSTĘPNY
Aktualizacja od producenta gotowa. Wdrożenie w ramach standardowego cyklu.
CWE
Referencje

Powiązane podatności

CVE-2020-2507CRITICAL9.8ten sam produkt

The vulnerability have been reported to affect earlier versions of QTS. If exploited, this command injection v...

CVE-2020-2500CRITICAL9.8ten sam produkt

This improper access control vulnerability in Helpdesk allows attackers to get control of QNAP Kayako service....

CVE-2018-0714CRITICAL9.8ten sam produkt

Command injection vulnerability in Helpdesk versions 1.1.21 and earlier in QNAP QTS 4.2.6 build 20180531, QTS ...

CVE-2020-2506HIGH7.3⚠ KEVten sam produkt

The vulnerability have been reported to affect earlier versions of QTS. If exploited, this improper access con...

CVE-2024-50394HIGH7.7ten sam produkt

An improper certificate validation vulnerability has been reported to affect Helpdesk. If exploited, the vulne...