CVE-2023-51366 (GCVE-0-2023-51366)

Vulnerability from cvelistv5 – Published: 2024-09-06 16:26 – Updated: 2024-09-06 17:40
VLAI?
Title
QTS, QuTS hero
Summary
A path traversal vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to read the contents of unexpected files and expose sensitive data via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.6.2722 build 20240402 and later QuTS hero h5.1.6.2734 build 20240414 and later
Severity ?
8.7 (High)
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:H
CWE
Assigner
References
Impacted products
Vendor Product Version
QNAP Systems Inc. QTS Affected: 5.1.x , < 5.1.6.2722 build 20240402 (custom)
Create a notification for this product.
    QNAP Systems Inc. QuTS hero Unaffected: h5.1.x , < h5.1.6.2734 build 20240414 (custom)
Create a notification for this product.
Credits
chumen77
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-51366",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-06T17:40:24.505561Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-06T17:40:37.404Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "QTS",
          "vendor": "QNAP Systems Inc.",
          "versions": [
            {
              "lessThan": "5.1.6.2722 build 20240402",
              "status": "affected",
              "version": "5.1.x",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "QuTS hero",
          "vendor": "QNAP Systems Inc.",
          "versions": [
            {
              "lessThan": "h5.1.6.2734 build 20240414",
              "status": "unaffected",
              "version": "h5.1.x",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "chumen77"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "A path traversal vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to read the contents of unexpected files and expose sensitive data via a network.\u003cbr\u003e\u003cbr\u003eWe have already fixed the vulnerability in the following versions:\u003cbr\u003eQTS 5.1.6.2722 build 20240402 and later\u003cbr\u003eQuTS hero h5.1.6.2734 build 20240414 and later\u003cbr\u003e"
            }
          ],
          "value": "A path traversal vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to read the contents of unexpected files and expose sensitive data via a network.\n\nWe have already fixed the vulnerability in the following versions:\nQTS 5.1.6.2722 build 20240402 and later\nQuTS hero h5.1.6.2734 build 20240414 and later"
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-126",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-126"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.7,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-22",
              "description": "CWE-22",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-09-06T16:26:04.945Z",
        "orgId": "2fd009eb-170a-4625-932b-17a53af1051f",
        "shortName": "qnap"
      },
      "references": [
        {
          "url": "https://www.qnap.com/en/security-advisory/qsa-24-20"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "We have already fixed the vulnerability in the following versions:\u003cbr\u003eQTS 5.1.6.2722 build 20240402 and later\u003cbr\u003eQuTS hero h5.1.6.2734 build 20240414 and later\u003cbr\u003e"
            }
          ],
          "value": "We have already fixed the vulnerability in the following versions:\nQTS 5.1.6.2722 build 20240402 and later\nQuTS hero h5.1.6.2734 build 20240414 and later"
        }
      ],
      "source": {
        "advisory": "QSA-24-20",
        "discovery": "EXTERNAL"
      },
      "title": "QTS, QuTS hero",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "2fd009eb-170a-4625-932b-17a53af1051f",
    "assignerShortName": "qnap",
    "cveId": "CVE-2023-51366",
    "datePublished": "2024-09-06T16:26:04.945Z",
    "dateReserved": "2023-12-18T14:21:13.239Z",
    "dateUpdated": "2024-09-06T17:40:37.404Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2023-51366",
      "date": "2026-04-27",
      "epss": "0.00281",
      "percentile": "0.51501"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2023-51366\",\"sourceIdentifier\":\"security@qnapsecurity.com.tw\",\"published\":\"2024-09-06T17:15:13.107\",\"lastModified\":\"2024-09-11T13:32:32.563\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A path traversal vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to read the contents of unexpected files and expose sensitive data via a network.\\n\\nWe have already fixed the vulnerability in the following versions:\\nQTS 5.1.6.2722 build 20240402 and later\\nQuTS hero h5.1.6.2734 build 20240414 and later\"},{\"lang\":\"es\",\"value\":\"Se ha informado de una vulnerabilidad de path traversal que afecta a varias versiones del sistema operativo QNAP. Si se explota, la vulnerabilidad podr\u00eda permitir a los usuarios leer el contenido de archivos inesperados y exponer datos confidenciales a trav\u00e9s de una red. Ya hemos corregido la vulnerabilidad en las siguientes versiones: QTS 5.1.6.2722 build 20240402 y posteriores QuTS hero h5.1.6.2734 build 20240414 y posteriores\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security@qnapsecurity.com.tw\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:H\",\"baseScore\":8.7,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.2,\"impactScore\":5.8},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N\",\"baseScore\":6.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.8,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"security@qnapsecurity.com.tw\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-22\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-22\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qnap:qts:5.1.0.2348:build_20230325:*:*:*:*:*:*\",\"matchCriteriaId\":\"39382CBA-EA68-426A-AC07-A9A26E722CAB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qnap:qts:5.1.0.2399:build_20230515:*:*:*:*:*:*\",\"matchCriteriaId\":\"BCB37C08-1DF7-4AF4-9BB1-C562E5643B5A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qnap:qts:5.1.0.2418:build_20230603:*:*:*:*:*:*\",\"matchCriteriaId\":\"8368130C-F26D-41FE-8D78-B103A23B5327\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qnap:qts:5.1.0.2444:build_20230629:*:*:*:*:*:*\",\"matchCriteriaId\":\"3E0EE181-78AF-4C3C-90A4-C69A2DE6E176\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qnap:qts:5.1.0.2466:build_20230721:*:*:*:*:*:*\",\"matchCriteriaId\":\"56E3AE06-78DA-4844-ADC1-09A35F1C5B54\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qnap:qts:5.1.1.2491:build_20230815:*:*:*:*:*:*\",\"matchCriteriaId\":\"D2AA7A32-0DA8-4417-A23E-C4F563BC7819\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qnap:qts:5.1.2.2533:build_20230926:*:*:*:*:*:*\",\"matchCriteriaId\":\"80E7C17C-ED6D-439D-A1F3-1870A3ADA926\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qnap:qts:5.1.3.2578:build_20231110:*:*:*:*:*:*\",\"matchCriteriaId\":\"636C2D9C-C837-4FAC-B79D-1CA7A7C1FF3E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qnap:qts:5.1.4.2596:build_20231128:*:*:*:*:*:*\",\"matchCriteriaId\":\"866B455B-0266-4990-920B-A06756ED5A61\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qnap:qts:5.1.5.2645:build_20240116:*:*:*:*:*:*\",\"matchCriteriaId\":\"B3B5C4C5-5EE2-4E6F-927E-1D52A04895BB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qnap:qts:5.1.5.2679:build_20240219:*:*:*:*:*:*\",\"matchCriteriaId\":\"543E17BB-B552-4B65-B028-BE9A47E6F34B\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qnap:quts_hero:h5.1.0.2409:build_20230525:*:*:*:*:*:*\",\"matchCriteriaId\":\"6CA398A8-EBDF-4D41-B15E-7B763F885021\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qnap:quts_hero:h5.1.0.2424:build_20230609:*:*:*:*:*:*\",\"matchCriteriaId\":\"F63A5ED2-ECC2-49A0-BFA9-548E35ACD6C7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qnap:quts_hero:h5.1.0.2453:build_20230708:*:*:*:*:*:*\",\"matchCriteriaId\":\"53387FAC-7BE0-47D7-99BF-2B1F03C17CC3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qnap:quts_hero:h5.1.0.2466:build_20230721:*:*:*:*:*:*\",\"matchCriteriaId\":\"D4226394-0023-4CD2-BB89-77251BF92FF3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qnap:quts_hero:h5.1.1.2488:build_20230812:*:*:*:*:*:*\",\"matchCriteriaId\":\"646257F7-D4A4-43B0-91F2-7850338B3CA1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qnap:quts_hero:h5.1.2.2534:build_20230927:*:*:*:*:*:*\",\"matchCriteriaId\":\"88825AE1-B006-4F7F-BD90-D4B1CF1251A3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qnap:quts_hero:h5.1.3.2578:build_20231110:*:*:*:*:*:*\",\"matchCriteriaId\":\"3F471666-4919-4770-956E-ACE4C55D29DB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qnap:quts_hero:h5.1.4.2596:build_20231128:*:*:*:*:*:*\",\"matchCriteriaId\":\"9573F671-D49E-438A-B72C-DFC390A79093\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qnap:quts_hero:h5.1.5.2647:build_20240118:*:*:*:*:*:*\",\"matchCriteriaId\":\"75E7938F-943F-428D-974D-42E790829F88\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qnap:quts_hero:h5.1.5.2680:build_20240220:*:*:*:*:*:*\",\"matchCriteriaId\":\"12F5732D-C95F-45D1-968C-C2269DFDF6D4\"}]}]}],\"references\":[{\"url\":\"https://www.qnap.com/en/security-advisory/qsa-24-20\",\"source\":\"security@qnapsecurity.com.tw\",\"tags\":[\"Vendor Advisory\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2023-51366\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-09-06T17:40:24.505561Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-09-06T17:40:31.244Z\"}}], \"cna\": {\"title\": \"QTS, QuTS hero\", \"source\": {\"advisory\": \"QSA-24-20\", \"discovery\": \"EXTERNAL\"}, \"credits\": [{\"lang\": \"en\", \"type\": \"finder\", \"value\": \"chumen77\"}], \"impacts\": [{\"capecId\": \"CAPEC-126\", \"descriptions\": [{\"lang\": \"en\", \"value\": \"CAPEC-126\"}]}], \"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"CHANGED\", \"version\": \"3.1\", \"baseScore\": 8.7, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"HIGH\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"QNAP Systems Inc.\", \"product\": \"QTS\", \"versions\": [{\"status\": \"affected\", \"version\": \"5.1.x\", \"lessThan\": \"5.1.6.2722 build 20240402\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"QNAP Systems Inc.\", \"product\": \"QuTS hero\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"h5.1.x\", \"lessThan\": \"h5.1.6.2734 build 20240414\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unaffected\"}], \"solutions\": [{\"lang\": \"en\", \"value\": \"We have already fixed the vulnerability in the following versions:\\nQTS 5.1.6.2722 build 20240402 and later\\nQuTS hero h5.1.6.2734 build 20240414 and later\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"We have already fixed the vulnerability in the following versions:\u003cbr\u003eQTS 5.1.6.2722 build 20240402 and later\u003cbr\u003eQuTS hero h5.1.6.2734 build 20240414 and later\u003cbr\u003e\", \"base64\": false}]}], \"references\": [{\"url\": \"https://www.qnap.com/en/security-advisory/qsa-24-20\"}], \"x_generator\": {\"engine\": \"Vulnogram 0.1.0-dev\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"A path traversal vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to read the contents of unexpected files and expose sensitive data via a network.\\n\\nWe have already fixed the vulnerability in the following versions:\\nQTS 5.1.6.2722 build 20240402 and later\\nQuTS hero h5.1.6.2734 build 20240414 and later\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"A path traversal vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to read the contents of unexpected files and expose sensitive data via a network.\u003cbr\u003e\u003cbr\u003eWe have already fixed the vulnerability in the following versions:\u003cbr\u003eQTS 5.1.6.2722 build 20240402 and later\u003cbr\u003eQuTS hero h5.1.6.2734 build 20240414 and later\u003cbr\u003e\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-22\", \"description\": \"CWE-22\"}]}], \"providerMetadata\": {\"orgId\": \"2fd009eb-170a-4625-932b-17a53af1051f\", \"shortName\": \"qnap\", \"dateUpdated\": \"2024-09-06T16:26:04.945Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2023-51366\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-09-06T17:40:37.404Z\", \"dateReserved\": \"2023-12-18T14:21:13.239Z\", \"assignerOrgId\": \"2fd009eb-170a-4625-932b-17a53af1051f\", \"datePublished\": \"2024-09-06T16:26:04.945Z\", \"assignerShortName\": \"qnap\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.