CVE-2023-47564

Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
02/02/2024
Last modified:
09/02/2024

Description

An incorrect permission assignment for critical resource vulnerability has been reported to affect Qsync Central. If exploited, the vulnerability could allow authenticated users to read or modify the resource via a network.<br /> <br /> We have already fixed the vulnerability in the following versions:<br /> Qsync Central 4.4.0.15 ( 2024/01/04 ) and later<br /> Qsync Central 4.3.0.11 ( 2024/01/11 ) and later<br />

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:qnap:qsync_central:*:*:*:*:*:*:*:* 4.3.0.0 (including) 4.3.0.11 (excluding)
cpe:2.3:a:qnap:qsync_central:*:*:*:*:*:*:*:* 4.4.0.0 (including) 4.4.0.15 (excluding)


References to Advisories, Solutions, and Tools