Search

Find a vulnerability

Search criteria

    6 vulnerabilities found for Video Station by Qnap

    CERTFR-2024-AVI-0752

    Vulnerability from certfr_avis - Published: 2024-09-09 - Updated: 2025-01-21

    De multiples vulnérabilités ont été découvertes dans les produits Qnap. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une atteinte à la confidentialité des données et une injection de code indirecte à distance (XSS).

    Solutions

    Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

    Impacted products
    Vendor Product Description
    Qnap QuTS hero QuTS hero versions h4.5.x antérieures à h4.5.4.2790 build 20240606
    Qnap QTS QTS versions 4.3.4 antérieures à 4.3.4.2814 build 20240618
    Qnap Download Station Download Station versions 5.8.x antérieures à 5.8.6.283
    Qnap QTS QTS versions 4.3.3 antérieures à 4.3.3.2784 build 20240619
    Qnap QuMagie QuMagie versions 2.3.x antérieures à 2.3.1
    Qnap QTS QTS versions 4.2.6 antérieures à 4.2.6 build 20240618
    Qnap QTS QTS versions 4.3.6 antérieures à 4.3.6.2805 build 20240619
    Qnap Helpdesk Helpdesk versions 3.3.x antérieures à 3.3.1
    Qnap Notes Station Notes Station 3 versions 3.9.x antérieures à 3.9.6
    Qnap QTS QTS versions 5.1.x antérieures à 5.2.0.2782 build 20240601
    Qnap QuTS hero QuTS hero versions h4.5.x antérieures à h4.5.4.2626 build 20231225
    Qnap QuTS hero QuTS hero versions h5.1.x antérieures à h5.2.0.2782 build 20240601
    Qnap Music Station Music Station versions 5.4.x antérieures à 5.4.0
    Qnap Video Station Video Station versions 5.8.x antérieures à 5.8.2
    Qnap QTS QTS versions 4.5.x antérieures à 4.5.4.2790 build 20240605
    Qnap QuLog Center QuLog Center versions 1.7.x.x antérieures à 1.7.0.827
    Qnap QuLog Center QuLog Center versions 1.8.x.x antérieures à 1.8.0.872
    Qnap QVR QVR Smart Client versions 2.4.x.x antérieures à 2.4.0.0570
    References
    Bulletin de sécurité Qnap QSA-24-24 2024-09-07 vendor-advisory
    Bulletin de sécurité Qnap QSA-24-26 2024-09-07 vendor-advisory
    Bulletin de sécurité Qnap QSA-24-34 2024-09-07 vendor-advisory
    Bulletin de sécurité Qnap QSA-24-30 2024-09-07 vendor-advisory
    Bulletin de sécurité Qnap QSA-24-21 2024-09-07 vendor-advisory
    Bulletin de sécurité Qnap QSA-24-27 2024-09-07 vendor-advisory
    Bulletin de sécurité Qnap QSA-24-29 2024-09-07 vendor-advisory
    Bulletin de sécurité Qnap QSA-24-28 2024-09-07 vendor-advisory
    Bulletin de sécurité Qnap QSA-24-32 2024-09-07 vendor-advisory
    Bulletin de sécurité Qnap QSA-24-25 2024-09-07 vendor-advisory
    Bulletin de sécurité Qnap QSA-24-33 2024-09-07 vendor-advisory
    Bulletin de sécurité Qnap QSA-24-22 2024-09-07 vendor-advisory
    Bulletin de sécurité Qnap QSA-24-35 2024-09-07 vendor-advisory

    Show details on source website

    {
      "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
      "affected_systems": [
        {
          "description": "QuTS hero versions h4.5.x ant\u00e9rieures \u00e0 h4.5.4.2790 build 20240606",
          "product": {
            "name": "QuTS hero",
            "vendor": {
              "name": "Qnap",
              "scada": false
            }
          }
        },
        {
          "description": "QTS versions 4.3.4 ant\u00e9rieures \u00e0 4.3.4.2814 build 20240618",
          "product": {
            "name": "QTS",
            "vendor": {
              "name": "Qnap",
              "scada": false
            }
          }
        },
        {
          "description": "Download Station versions 5.8.x ant\u00e9rieures \u00e0 5.8.6.283",
          "product": {
            "name": "Download Station",
            "vendor": {
              "name": "Qnap",
              "scada": false
            }
          }
        },
        {
          "description": "QTS versions 4.3.3 ant\u00e9rieures \u00e0 4.3.3.2784 build 20240619",
          "product": {
            "name": "QTS",
            "vendor": {
              "name": "Qnap",
              "scada": false
            }
          }
        },
        {
          "description": "QuMagie versions 2.3.x ant\u00e9rieures \u00e0 2.3.1",
          "product": {
            "name": "QuMagie",
            "vendor": {
              "name": "Qnap",
              "scada": false
            }
          }
        },
        {
          "description": "QTS versions 4.2.6 ant\u00e9rieures \u00e0 4.2.6 build 20240618",
          "product": {
            "name": "QTS",
            "vendor": {
              "name": "Qnap",
              "scada": false
            }
          }
        },
        {
          "description": "QTS versions 4.3.6 ant\u00e9rieures \u00e0 4.3.6.2805 build 20240619",
          "product": {
            "name": "QTS",
            "vendor": {
              "name": "Qnap",
              "scada": false
            }
          }
        },
        {
          "description": "Helpdesk versions 3.3.x ant\u00e9rieures \u00e0 3.3.1",
          "product": {
            "name": "Helpdesk",
            "vendor": {
              "name": "Qnap",
              "scada": false
            }
          }
        },
        {
          "description": "Notes Station 3 versions 3.9.x ant\u00e9rieures \u00e0 3.9.6",
          "product": {
            "name": "Notes Station",
            "vendor": {
              "name": "Qnap",
              "scada": false
            }
          }
        },
        {
          "description": "QTS versions 5.1.x ant\u00e9rieures \u00e0 5.2.0.2782 build 20240601",
          "product": {
            "name": "QTS",
            "vendor": {
              "name": "Qnap",
              "scada": false
            }
          }
        },
        {
          "description": "QuTS hero versions h4.5.x ant\u00e9rieures \u00e0 h4.5.4.2626 build 20231225",
          "product": {
            "name": "QuTS hero",
            "vendor": {
              "name": "Qnap",
              "scada": false
            }
          }
        },
        {
          "description": "QuTS hero versions h5.1.x ant\u00e9rieures \u00e0 h5.2.0.2782 build 20240601",
          "product": {
            "name": "QuTS hero",
            "vendor": {
              "name": "Qnap",
              "scada": false
            }
          }
        },
        {
          "description": "Music Station versions 5.4.x ant\u00e9rieures \u00e0 5.4.0",
          "product": {
            "name": "Music Station",
            "vendor": {
              "name": "Qnap",
              "scada": false
            }
          }
        },
        {
          "description": "Video Station versions 5.8.x ant\u00e9rieures \u00e0 5.8.2",
          "product": {
            "name": "Video Station",
            "vendor": {
              "name": "Qnap",
              "scada": false
            }
          }
        },
        {
          "description": "QTS versions 4.5.x ant\u00e9rieures \u00e0 4.5.4.2790 build 20240605",
          "product": {
            "name": "QTS",
            "vendor": {
              "name": "Qnap",
              "scada": false
            }
          }
        },
        {
          "description": "QuLog Center versions 1.7.x.x ant\u00e9rieures \u00e0 1.7.0.827",
          "product": {
            "name": "QuLog Center",
            "vendor": {
              "name": "Qnap",
              "scada": false
            }
          }
        },
        {
          "description": "QuLog Center versions 1.8.x.x ant\u00e9rieures \u00e0 1.8.0.872",
          "product": {
            "name": "QuLog Center",
            "vendor": {
              "name": "Qnap",
              "scada": false
            }
          }
        },
        {
          "description": "QVR Smart Client versions 2.4.x.x ant\u00e9rieures \u00e0 2.4.0.0570",
          "product": {
            "name": "QVR",
            "vendor": {
              "name": "Qnap",
              "scada": false
            }
          }
        }
      ],
      "affected_systems_content": "",
      "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
      "cves": [
        {
          "name": "CVE-2022-27592",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-27592"
        },
        {
          "name": "CVE-2023-50360",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-50360"
        },
        {
          "name": "CVE-2024-32762",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-32762"
        },
        {
          "name": "CVE-2024-21906",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-21906"
        },
        {
          "name": "CVE-2024-38640",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-38640"
        },
        {
          "name": "CVE-2024-53691",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-53691"
        },
        {
          "name": "CVE-2023-34974",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-34974"
        },
        {
          "name": "CVE-2024-27125",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-27125"
        },
        {
          "name": "CVE-2024-32763",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-32763"
        },
        {
          "name": "CVE-2024-27126",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-27126"
        },
        {
          "name": "CVE-2023-47563",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-47563"
        },
        {
          "name": "CVE-2024-38641",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-38641"
        },
        {
          "name": "CVE-2024-38642",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-38642"
        },
        {
          "name": "CVE-2023-34979",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-34979"
        },
        {
          "name": "CVE-2023-39298",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-39298"
        },
        {
          "name": "CVE-2023-39300",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-39300"
        },
        {
          "name": "CVE-2023-45038",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-45038"
        },
        {
          "name": "CVE-2024-32771",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-32771"
        },
        {
          "name": "CVE-2023-38545",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-38545"
        },
        {
          "name": "CVE-2024-27122",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-27122"
        }
      ],
      "initial_release_date": "2024-09-09T00:00:00",
      "last_revision_date": "2025-01-21T00:00:00",
      "links": [],
      "reference": "CERTFR-2024-AVI-0752",
      "revisions": [
        {
          "description": "Version initiale",
          "revision_date": "2024-09-09T00:00:00.000000"
        },
        {
          "description": "Ajout de l\u0027identifiant CVE-2024-53691.",
          "revision_date": "2025-01-21T00:00:00.000000"
        }
      ],
      "risks": [
        {
          "description": "Injection de code indirecte \u00e0 distance (XSS)"
        },
        {
          "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
        },
        {
          "description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
        },
        {
          "description": "Contournement de la politique de s\u00e9curit\u00e9"
        },
        {
          "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
        }
      ],
      "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Qnap. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es et une injection de code indirecte \u00e0 distance (XSS).",
      "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Qnap",
      "vendor_advisories": [
        {
          "published_at": "2024-09-07",
          "title": "Bulletin de s\u00e9curit\u00e9 Qnap QSA-24-24",
          "url": "https://www.qnap.com/go/security-advisory/qsa-24-24"
        },
        {
          "published_at": "2024-09-07",
          "title": "Bulletin de s\u00e9curit\u00e9 Qnap QSA-24-26",
          "url": "https://www.qnap.com/go/security-advisory/qsa-24-26"
        },
        {
          "published_at": "2024-09-07",
          "title": "Bulletin de s\u00e9curit\u00e9 Qnap QSA-24-34",
          "url": "https://www.qnap.com/go/security-advisory/qsa-24-34"
        },
        {
          "published_at": "2024-09-07",
          "title": "Bulletin de s\u00e9curit\u00e9 Qnap QSA-24-30",
          "url": "https://www.qnap.com/go/security-advisory/qsa-24-30"
        },
        {
          "published_at": "2024-09-07",
          "title": "Bulletin de s\u00e9curit\u00e9 Qnap QSA-24-21",
          "url": "https://www.qnap.com/go/security-advisory/qsa-24-21"
        },
        {
          "published_at": "2024-09-07",
          "title": "Bulletin de s\u00e9curit\u00e9 Qnap QSA-24-27",
          "url": "https://www.qnap.com/go/security-advisory/qsa-24-27"
        },
        {
          "published_at": "2024-09-07",
          "title": "Bulletin de s\u00e9curit\u00e9 Qnap QSA-24-29",
          "url": "https://www.qnap.com/go/security-advisory/qsa-24-29"
        },
        {
          "published_at": "2024-09-07",
          "title": "Bulletin de s\u00e9curit\u00e9 Qnap QSA-24-28",
          "url": "https://www.qnap.com/go/security-advisory/qsa-24-28"
        },
        {
          "published_at": "2024-09-07",
          "title": "Bulletin de s\u00e9curit\u00e9 Qnap QSA-24-32",
          "url": "https://www.qnap.com/go/security-advisory/qsa-24-32"
        },
        {
          "published_at": "2024-09-07",
          "title": "Bulletin de s\u00e9curit\u00e9 Qnap QSA-24-25",
          "url": "https://www.qnap.com/go/security-advisory/qsa-24-25"
        },
        {
          "published_at": "2024-09-07",
          "title": "Bulletin de s\u00e9curit\u00e9 Qnap QSA-24-33",
          "url": "https://www.qnap.com/go/security-advisory/qsa-24-33"
        },
        {
          "published_at": "2024-09-07",
          "title": "Bulletin de s\u00e9curit\u00e9 Qnap QSA-24-22",
          "url": "https://www.qnap.com/go/security-advisory/qsa-24-22"
        },
        {
          "published_at": "2024-09-07",
          "title": "Bulletin de s\u00e9curit\u00e9 Qnap QSA-24-35",
          "url": "https://www.qnap.com/go/security-advisory/qsa-24-35"
        }
      ]
    }

    CERTFR-2024-AVI-0011

    Vulnerability from certfr_avis - Published: 2024-01-08 - Updated: 2024-01-08

    De multiples vulnérabilités ont été découvertes dans les produits Qnap. Certaines d'entre elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur, une exécution de code arbitraire à distance et un déni de service à distance.

    Solution

    Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

    None
    Impacted products
    Vendor Product Description
    Qnap N/A QcalAgent versions 1.1.x antérieures à 1.1.8
    Qnap QTS QTS versions 5.1.x antérieures à 5.1.4.2596 build 20231128
    Qnap QuTS hero QuTS hero versions h5.1.x antérieures à h5.1.4.2596 build 20231128
    Qnap Video Station Video Station versions 5.7.x antérieures à 5.7.2
    Qnap QuMagie QuMagie versions 2.2.x antérieures à 2.2.1

    Show details on source website

    {
      "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
      "affected_systems": [
        {
          "description": "QcalAgent versions 1.1.x ant\u00e9rieures \u00e0 1.1.8",
          "product": {
            "name": "N/A",
            "vendor": {
              "name": "Qnap",
              "scada": false
            }
          }
        },
        {
          "description": "QTS versions 5.1.x ant\u00e9rieures \u00e0 5.1.4.2596 build 20231128",
          "product": {
            "name": "QTS",
            "vendor": {
              "name": "Qnap",
              "scada": false
            }
          }
        },
        {
          "description": "QuTS hero versions h5.1.x ant\u00e9rieures \u00e0 h5.1.4.2596 build 20231128",
          "product": {
            "name": "QuTS hero",
            "vendor": {
              "name": "Qnap",
              "scada": false
            }
          }
        },
        {
          "description": "Video Station versions 5.7.x ant\u00e9rieures \u00e0 5.7.2",
          "product": {
            "name": "Video Station",
            "vendor": {
              "name": "Qnap",
              "scada": false
            }
          }
        },
        {
          "description": "QuMagie versions 2.2.x ant\u00e9rieures \u00e0 2.2.1",
          "product": {
            "name": "QuMagie",
            "vendor": {
              "name": "Qnap",
              "scada": false
            }
          }
        }
      ],
      "affected_systems_content": null,
      "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
      "cves": [
        {
          "name": "CVE-2023-41288",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-41288"
        },
        {
          "name": "CVE-2022-43634",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-43634"
        },
        {
          "name": "CVE-2023-45041",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-45041"
        },
        {
          "name": "CVE-2023-47560",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-47560"
        },
        {
          "name": "CVE-2023-45039",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-45039"
        },
        {
          "name": "CVE-2023-45043",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-45043"
        },
        {
          "name": "CVE-2023-47559",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-47559"
        },
        {
          "name": "CVE-2023-41287",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-41287"
        },
        {
          "name": "CVE-2023-39296",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-39296"
        },
        {
          "name": "CVE-2023-45044",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-45044"
        },
        {
          "name": "CVE-2023-39294",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-39294"
        },
        {
          "name": "CVE-2023-45042",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-45042"
        },
        {
          "name": "CVE-2023-47219",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-47219"
        },
        {
          "name": "CVE-2023-41289",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-41289"
        },
        {
          "name": "CVE-2023-45040",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-45040"
        }
      ],
      "initial_release_date": "2024-01-08T00:00:00",
      "last_revision_date": "2024-01-08T00:00:00",
      "links": [],
      "reference": "CERTFR-2024-AVI-0011",
      "revisions": [
        {
          "description": "Version initiale",
          "revision_date": "2024-01-08T00:00:00.000000"
        }
      ],
      "risks": [
        {
          "description": "D\u00e9ni de service \u00e0 distance"
        },
        {
          "description": "Injection de code indirecte \u00e0 distance (XSS)"
        },
        {
          "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
        },
        {
          "description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
        }
      ],
      "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Qnap.\nCertaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer un\nprobl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur, une ex\u00e9cution de code\narbitraire \u00e0 distance et un d\u00e9ni de service \u00e0 distance.\n",
      "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Qnap",
      "vendor_advisories": [
        {
          "published_at": null,
          "title": "Bulletin de s\u00e9curit\u00e9 Qnap qsa-23-32 du 06 janvier 2024",
          "url": "https://www.qnap.com/fr-fr/security-advisory/qsa-23-32"
        },
        {
          "published_at": null,
          "title": "Bulletin de s\u00e9curit\u00e9 Qnap qsa-23-23 du 06 janvier 2024",
          "url": "https://www.qnap.com/fr-fr/security-advisory/qsa-23-23"
        },
        {
          "published_at": null,
          "title": "Bulletin de s\u00e9curit\u00e9 Qnap qsa-23-54 du 06 janvier 2024",
          "url": "https://www.qnap.com/fr-fr/security-advisory/qsa-23-54"
        },
        {
          "published_at": null,
          "title": "Bulletin de s\u00e9curit\u00e9 Qnap qsa-23-34 du 06 janvier 2024",
          "url": "https://www.qnap.com/fr-fr/security-advisory/qsa-23-34"
        },
        {
          "published_at": null,
          "title": "Bulletin de s\u00e9curit\u00e9 Qnap qsa-23-27 du 06 janvier 2024",
          "url": "https://www.qnap.com/fr-fr/security-advisory/qsa-23-27"
        },
        {
          "published_at": null,
          "title": "Bulletin de s\u00e9curit\u00e9 Qnap qsa-23-22 du 06 janvier 2024",
          "url": "https://www.qnap.com/fr-fr/security-advisory/qsa-23-22"
        },
        {
          "published_at": null,
          "title": "Bulletin de s\u00e9curit\u00e9 Qnap qsa-23-64 du 06 janvier 2024",
          "url": "https://www.qnap.com/fr-fr/security-advisory/qsa-23-64"
        },
        {
          "published_at": null,
          "title": "Bulletin de s\u00e9curit\u00e9 Qnap qsa-23-55 du 06 janvier 2024",
          "url": "https://www.qnap.com/fr-fr/security-advisory/qsa-23-55"
        }
      ]
    }

    CERTFR-2023-AVI-0846

    Vulnerability from certfr_avis - Published: 2023-10-16 - Updated: 2023-10-16

    De multiples vulnérabilités ont été découvertes dans les produits Qnap. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et un contournement de la politique de sécurité.

    Solution

    Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

    None
    Impacted products
    Vendor Product Description
    Qnap N/A Container Station versions 5..6.x antérieures à 2.6.7.44
    Qnap QTS QTS hero versions h5.0.x antérieures à h5.0.1.2515 build 20230907
    Qnap QTS QTS versions 5.1.x antérieures à 5.1.0.2444 build 20230629
    Qnap QTS QTS versions 4.5.x antérieures à 4.5.4.2467 build 20230718
    Qnap QTS QTS hero versions h5.1.x antérieures à h5.1.0.2424 build 20230609
    Qnap N/A QuTScloud versions c5.x antérieures à c5.1.0.2498
    Qnap QTS QTS hero versions h4.5.x antérieures à h4.5.4.2476 build 20230728
    Qnap QTS QTS versions 5.0.x antérieures à 5.0.1.2425 build 20230609
    Qnap Video Station Video Station versions 5.7.x antérieures à 5.7.0 (2023/07/27)

    Show details on source website

    {
      "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
      "affected_systems": [
        {
          "description": "Container Station versions 5..6.x ant\u00e9rieures \u00e0 2.6.7.44",
          "product": {
            "name": "N/A",
            "vendor": {
              "name": "Qnap",
              "scada": false
            }
          }
        },
        {
          "description": "QTS hero versions h5.0.x ant\u00e9rieures \u00e0 h5.0.1.2515 build 20230907",
          "product": {
            "name": "QTS",
            "vendor": {
              "name": "Qnap",
              "scada": false
            }
          }
        },
        {
          "description": "QTS versions 5.1.x ant\u00e9rieures \u00e0 5.1.0.2444 build 20230629",
          "product": {
            "name": "QTS",
            "vendor": {
              "name": "Qnap",
              "scada": false
            }
          }
        },
        {
          "description": "QTS versions 4.5.x ant\u00e9rieures \u00e0 4.5.4.2467 build 20230718",
          "product": {
            "name": "QTS",
            "vendor": {
              "name": "Qnap",
              "scada": false
            }
          }
        },
        {
          "description": "QTS hero versions h5.1.x ant\u00e9rieures \u00e0 h5.1.0.2424 build 20230609",
          "product": {
            "name": "QTS",
            "vendor": {
              "name": "Qnap",
              "scada": false
            }
          }
        },
        {
          "description": "QuTScloud versions c5.x ant\u00e9rieures \u00e0 c5.1.0.2498",
          "product": {
            "name": "N/A",
            "vendor": {
              "name": "Qnap",
              "scada": false
            }
          }
        },
        {
          "description": "QTS hero versions h4.5.x ant\u00e9rieures \u00e0 h4.5.4.2476 build 20230728",
          "product": {
            "name": "QTS",
            "vendor": {
              "name": "Qnap",
              "scada": false
            }
          }
        },
        {
          "description": "QTS versions 5.0.x ant\u00e9rieures \u00e0 5.0.1.2425 build 20230609",
          "product": {
            "name": "QTS",
            "vendor": {
              "name": "Qnap",
              "scada": false
            }
          }
        },
        {
          "description": "Video Station versions 5.7.x ant\u00e9rieures \u00e0 5.7.0 (2023/07/27)",
          "product": {
            "name": "Video Station",
            "vendor": {
              "name": "Qnap",
              "scada": false
            }
          }
        }
      ],
      "affected_systems_content": null,
      "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
      "cves": [
        {
          "name": "CVE-2023-34975",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-34975"
        },
        {
          "name": "CVE-2023-34977",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-34977"
        },
        {
          "name": "CVE-2023-32976",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-32976"
        },
        {
          "name": "CVE-2023-32973",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-32973"
        },
        {
          "name": "CVE-2023-32970",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-32970"
        },
        {
          "name": "CVE-2023-34976",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-34976"
        },
        {
          "name": "CVE-2023-32974",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-32974"
        }
      ],
      "initial_release_date": "2023-10-16T00:00:00",
      "last_revision_date": "2023-10-16T00:00:00",
      "links": [],
      "reference": "CERTFR-2023-AVI-0846",
      "revisions": [
        {
          "description": "Version initiale",
          "revision_date": "2023-10-16T00:00:00.000000"
        }
      ],
      "risks": [
        {
          "description": "D\u00e9ni de service \u00e0 distance"
        },
        {
          "description": "Injection de code indirecte \u00e0 distance (XSS)"
        },
        {
          "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
        },
        {
          "description": "Contournement de la politique de s\u00e9curit\u00e9"
        }
      ],
      "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Qnap.\nCertaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une\nex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance\net un contournement de la politique de s\u00e9curit\u00e9.\n",
      "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Qnap",
      "vendor_advisories": [
        {
          "published_at": null,
          "title": "Bulletin de s\u00e9curit\u00e9 Qnap qsa-23-42 du 14 octobre 2023",
          "url": "https://www.qnap.com/fr-fr/security-advisory/qsa-23-42"
        },
        {
          "published_at": null,
          "title": "Bulletin de s\u00e9curit\u00e9 Qnap qsa-23-52 du 14 octobre 2023",
          "url": "https://www.qnap.com/fr-fr/security-advisory/qsa-23-52"
        },
        {
          "published_at": null,
          "title": "Bulletin de s\u00e9curit\u00e9 Qnap qsa-23-41 du 14 octobre 2023",
          "url": "https://www.qnap.com/fr-fr/security-advisory/qsa-23-41"
        },
        {
          "published_at": null,
          "title": "Bulletin de s\u00e9curit\u00e9 Qnap qsa-23-44 du 14 octobre 2023",
          "url": "https://www.qnap.com/fr-fr/security-advisory/qsa-23-44"
        }
      ]
    }

    CERTFR-2022-AVI-421

    Vulnerability from certfr_avis - Published: 2022-05-06 - Updated: 2022-05-06

    De multiples vulnérabilités ont été découvertes dans les produits Qnap. Certaines d'entre elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur, une exécution de code arbitraire à distance et un contournement de la politique de sécurité.

    Solution

    Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

    None
    Impacted products
    Vendor Product Description
    Qnap N/A Qnap Photo Station versions antérieures à 6.0.20 (2022/02/15)
    Qnap N/A Qnap Photo Station versions antérieures à 5.4.13 (2022/02/11)
    Qnap N/A Qnap Photo Station versions antérieures à 5.7.16 (2022/02/11)
    Qnap Video Station Qnap Video Station versions antérieures à 5.3.13
    Qnap QTS Qnap QTS versions antérieures à 4.5.4.1991 build 20220329
    Qnap QTS Qnap QTS versions antérieures à 4.3.4.1976 build 20220303
    Qnap N/A Qnap QuTScloud versions antérieures à c5.0.1.1998
    Qnap QTS Qnap QTS versions antérieures à 4.2.6 build 20220304
    Qnap QTS Qnap QTS versions antérieures à 4.3.3.1945 build 20220303
    Qnap QTS Qnap QTS versions antérieures à 5.0.0.1986 build 20220324
    Qnap Video Station Qnap Video Station versions antérieures à 5.5.9
    Qnap QTS Qnap QTS versions antérieures à 4.3.6.1965 build 20220302
    Qnap QVR Qnap QVR versions antérieures à 5.1.6 build 20220401
    Qnap Video Station Qnap Video Station versions antérieures à 5.1.8
    Qnap QuTS hero Qnap QuTS hero versions antérieures à h5.0.0.1986 build 20220324
    Qnap QuTS hero Qnap QuTS hero versions antérieures à h4.5.4.1971 build 20220310

    Show details on source website

    {
      "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
      "affected_systems": [
        {
          "description": "Qnap Photo Station versions ant\u00e9rieures \u00e0 6.0.20 (2022/02/15)",
          "product": {
            "name": "N/A",
            "vendor": {
              "name": "Qnap",
              "scada": false
            }
          }
        },
        {
          "description": "Qnap Photo Station versions ant\u00e9rieures \u00e0 5.4.13 (2022/02/11)",
          "product": {
            "name": "N/A",
            "vendor": {
              "name": "Qnap",
              "scada": false
            }
          }
        },
        {
          "description": "Qnap Photo Station versions ant\u00e9rieures \u00e0 5.7.16 (2022/02/11)",
          "product": {
            "name": "N/A",
            "vendor": {
              "name": "Qnap",
              "scada": false
            }
          }
        },
        {
          "description": "Qnap Video Station versions ant\u00e9rieures \u00e0 5.3.13",
          "product": {
            "name": "Video Station",
            "vendor": {
              "name": "Qnap",
              "scada": false
            }
          }
        },
        {
          "description": "Qnap QTS versions ant\u00e9rieures \u00e0 4.5.4.1991 build 20220329",
          "product": {
            "name": "QTS",
            "vendor": {
              "name": "Qnap",
              "scada": false
            }
          }
        },
        {
          "description": "Qnap QTS versions ant\u00e9rieures \u00e0 4.3.4.1976 build 20220303",
          "product": {
            "name": "QTS",
            "vendor": {
              "name": "Qnap",
              "scada": false
            }
          }
        },
        {
          "description": "Qnap QuTScloud versions ant\u00e9rieures \u00e0 c5.0.1.1998",
          "product": {
            "name": "N/A",
            "vendor": {
              "name": "Qnap",
              "scada": false
            }
          }
        },
        {
          "description": "Qnap QTS versions ant\u00e9rieures \u00e0 4.2.6 build 20220304",
          "product": {
            "name": "QTS",
            "vendor": {
              "name": "Qnap",
              "scada": false
            }
          }
        },
        {
          "description": "Qnap QTS versions ant\u00e9rieures \u00e0 4.3.3.1945 build 20220303",
          "product": {
            "name": "QTS",
            "vendor": {
              "name": "Qnap",
              "scada": false
            }
          }
        },
        {
          "description": "Qnap QTS versions ant\u00e9rieures \u00e0 5.0.0.1986 build 20220324",
          "product": {
            "name": "QTS",
            "vendor": {
              "name": "Qnap",
              "scada": false
            }
          }
        },
        {
          "description": "Qnap Video Station versions ant\u00e9rieures \u00e0 5.5.9",
          "product": {
            "name": "Video Station",
            "vendor": {
              "name": "Qnap",
              "scada": false
            }
          }
        },
        {
          "description": "Qnap QTS versions ant\u00e9rieures \u00e0 4.3.6.1965 build 20220302",
          "product": {
            "name": "QTS",
            "vendor": {
              "name": "Qnap",
              "scada": false
            }
          }
        },
        {
          "description": "Qnap QVR versions ant\u00e9rieures \u00e0 5.1.6 build 20220401",
          "product": {
            "name": "QVR",
            "vendor": {
              "name": "Qnap",
              "scada": false
            }
          }
        },
        {
          "description": "Qnap Video Station versions ant\u00e9rieures \u00e0 5.1.8",
          "product": {
            "name": "Video Station",
            "vendor": {
              "name": "Qnap",
              "scada": false
            }
          }
        },
        {
          "description": "Qnap QuTS hero versions ant\u00e9rieures \u00e0 h5.0.0.1986 build 20220324",
          "product": {
            "name": "QuTS hero",
            "vendor": {
              "name": "Qnap",
              "scada": false
            }
          }
        },
        {
          "description": "Qnap QuTS hero versions ant\u00e9rieures \u00e0 h4.5.4.1971 build 20220310",
          "product": {
            "name": "QuTS hero",
            "vendor": {
              "name": "Qnap",
              "scada": false
            }
          }
        }
      ],
      "affected_systems_content": null,
      "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
      "cves": [
        {
          "name": "CVE-2022-44056",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-44056"
        },
        {
          "name": "CVE-2022-44057",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-44057"
        },
        {
          "name": "CVE-2022-44053",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-44053"
        },
        {
          "name": "CVE-2022-44052",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-44052"
        },
        {
          "name": "CVE-2022-44054",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-44054"
        },
        {
          "name": "CVE-2022-27588",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-27588"
        },
        {
          "name": "CVE-2022-44055",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-44055"
        },
        {
          "name": "CVE-2022-38693",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-38693"
        },
        {
          "name": "CVE-2022-44051",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-44051"
        }
      ],
      "initial_release_date": "2022-05-06T00:00:00",
      "last_revision_date": "2022-05-06T00:00:00",
      "links": [],
      "reference": "CERTFR-2022-AVI-421",
      "revisions": [
        {
          "description": "Version initiale",
          "revision_date": "2022-05-06T00:00:00.000000"
        }
      ],
      "risks": [
        {
          "description": "Injection de code indirecte \u00e0 distance (XSS)"
        },
        {
          "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
        },
        {
          "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
        },
        {
          "description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
        },
        {
          "description": "Contournement de la politique de s\u00e9curit\u00e9"
        },
        {
          "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
        }
      ],
      "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Qnap.\nCertaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer un\nprobl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur, une ex\u00e9cution de code\narbitraire \u00e0 distance et un contournement de la politique de s\u00e9curit\u00e9.\n",
      "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Qnap",
      "vendor_advisories": [
        {
          "published_at": null,
          "title": "Bulletin de s\u00e9curit\u00e9 Qnap qsa-22-13 du 6 mai 2022",
          "url": "https://www.qnap.com/fr-fr/security-advisory/qsa-22-13"
        },
        {
          "published_at": null,
          "title": "Bulletin de s\u00e9curit\u00e9 Qnap qsa-22-14 du 6 mai 2022",
          "url": "https://www.qnap.com/fr-fr/security-advisory/qsa-22-14"
        },
        {
          "published_at": null,
          "title": "Bulletin de s\u00e9curit\u00e9 Qnap qsa-22-07 du 6 mai 2022",
          "url": "https://www.qnap.com/fr-fr/security-advisory/qsa-22-07"
        },
        {
          "published_at": null,
          "title": "Bulletin de s\u00e9curit\u00e9 Qnap qsa-22-15 du 6 mai 2022",
          "url": "https://www.qnap.com/fr-fr/security-advisory/qsa-22-15"
        },
        {
          "published_at": null,
          "title": "Bulletin de s\u00e9curit\u00e9 Qnap qsa-22-16 du 6 mai 2022",
          "url": "https://www.qnap.com/fr-fr/security-advisory/qsa-22-16"
        }
      ]
    }

    CVE-2017-13071 (GCVE-0-2017-13071)

    Vulnerability from nvd – Published: 2017-11-22 17:00 – Updated: 2024-09-16 19:52
    VLAI
    Summary
    QNAP has already patched this vulnerability. This security concern allows a remote attacker to run arbitrary commands on the QNAP Video Station 5.1.3 (for QTS 4.3.3), 5.2.0 (for QTS 4.3.4), and earlier.
    Severity
    No CVSS data available.
    CWE
    • Command injection
    Assigner
    References
    Impacted products
    Vendor Product Version
    QNAP Video Station Affected: Video Station 5.1.3 (for QTS 4.3.3), 5. 2.0 (for QTS 4.3.4), and earlier
    Create a notification for this product.
    Date Public
    2017-11-21 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T18:58:12.298Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.qnap.com/zh-tw/security-advisory/nas-201711-21"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Video Station",
              "vendor": "QNAP",
              "versions": [
                {
                  "status": "affected",
                  "version": "Video Station 5.1.3 (for QTS 4.3.3), 5. 2.0 (for QTS 4.3.4), and earlier"
                }
              ]
            }
          ],
          "datePublic": "2017-11-21T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "QNAP has already patched this vulnerability. This security concern allows a remote attacker to run arbitrary commands on the QNAP Video Station 5.1.3 (for QTS 4.3.3), 5.2.0 (for QTS 4.3.4), and earlier."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Command injection",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-11-22T16:57:01.000Z",
            "orgId": "2fd009eb-170a-4625-932b-17a53af1051f",
            "shortName": "qnap"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.qnap.com/zh-tw/security-advisory/nas-201711-21"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "security@qnap.com",
              "DATE_PUBLIC": "2017-11-21T00:00:00",
              "ID": "CVE-2017-13071",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Video Station",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "Video Station 5.1.3 (for QTS 4.3.3), 5. 2.0 (for QTS 4.3.4), and earlier"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "QNAP"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "QNAP has already patched this vulnerability. This security concern allows a remote attacker to run arbitrary commands on the QNAP Video Station 5.1.3 (for QTS 4.3.3), 5.2.0 (for QTS 4.3.4), and earlier."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Command injection"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.qnap.com/zh-tw/security-advisory/nas-201711-21",
                  "refsource": "MISC",
                  "url": "https://www.qnap.com/zh-tw/security-advisory/nas-201711-21"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2fd009eb-170a-4625-932b-17a53af1051f",
        "assignerShortName": "qnap",
        "cveId": "CVE-2017-13071",
        "datePublished": "2017-11-22T17:00:00.000Z",
        "dateReserved": "2017-08-22T00:00:00.000Z",
        "dateUpdated": "2024-09-16T19:52:19.436Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2017-13071 (GCVE-0-2017-13071)

    Vulnerability from cvelistv5 – Published: 2017-11-22 17:00 – Updated: 2024-09-16 19:52
    VLAI
    Summary
    QNAP has already patched this vulnerability. This security concern allows a remote attacker to run arbitrary commands on the QNAP Video Station 5.1.3 (for QTS 4.3.3), 5.2.0 (for QTS 4.3.4), and earlier.
    Severity
    No CVSS data available.
    CWE
    • Command injection
    Assigner
    References
    Impacted products
    Vendor Product Version
    QNAP Video Station Affected: Video Station 5.1.3 (for QTS 4.3.3), 5. 2.0 (for QTS 4.3.4), and earlier
    Create a notification for this product.
    Date Public
    2017-11-21 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T18:58:12.298Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.qnap.com/zh-tw/security-advisory/nas-201711-21"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Video Station",
              "vendor": "QNAP",
              "versions": [
                {
                  "status": "affected",
                  "version": "Video Station 5.1.3 (for QTS 4.3.3), 5. 2.0 (for QTS 4.3.4), and earlier"
                }
              ]
            }
          ],
          "datePublic": "2017-11-21T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "QNAP has already patched this vulnerability. This security concern allows a remote attacker to run arbitrary commands on the QNAP Video Station 5.1.3 (for QTS 4.3.3), 5.2.0 (for QTS 4.3.4), and earlier."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Command injection",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-11-22T16:57:01.000Z",
            "orgId": "2fd009eb-170a-4625-932b-17a53af1051f",
            "shortName": "qnap"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.qnap.com/zh-tw/security-advisory/nas-201711-21"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "security@qnap.com",
              "DATE_PUBLIC": "2017-11-21T00:00:00",
              "ID": "CVE-2017-13071",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Video Station",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "Video Station 5.1.3 (for QTS 4.3.3), 5. 2.0 (for QTS 4.3.4), and earlier"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "QNAP"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "QNAP has already patched this vulnerability. This security concern allows a remote attacker to run arbitrary commands on the QNAP Video Station 5.1.3 (for QTS 4.3.3), 5.2.0 (for QTS 4.3.4), and earlier."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Command injection"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.qnap.com/zh-tw/security-advisory/nas-201711-21",
                  "refsource": "MISC",
                  "url": "https://www.qnap.com/zh-tw/security-advisory/nas-201711-21"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2fd009eb-170a-4625-932b-17a53af1051f",
        "assignerShortName": "qnap",
        "cveId": "CVE-2017-13071",
        "datePublished": "2017-11-22T17:00:00.000Z",
        "dateReserved": "2017-08-22T00:00:00.000Z",
        "dateUpdated": "2024-09-16T19:52:19.436Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }