CVE-2018-19944

Severity CVSS v4.0:
Pending analysis
Type:
CWE-311 Missing Encryption of Sensitive Data
Publication date:
31/12/2020
Last modified:
17/06/2026

Description

A cleartext transmission of sensitive information vulnerability has been reported to affect certain QTS devices. If exploited, this vulnerability allows a remote attacker to gain access to sensitive information. QNAP have already fixed this vulnerability in the following versions: QTS 4.4.3.1354 build 20200702 (and later)

Vulnerable products and versions

CPE From Up to
cpe:2.3:o:qnap:qts:*:*:*:*:*:*:*:* 4.4.3.1354 (excluding)