An uncontrolled resource consumption vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers to launch a denial-of-service (DoS) attack.
We have already fixed the vulnerability in the following versions:
QTS 5.0.1.2277 and later
QTS 4.5.4.2280 build 20230112 and later
QuTS hero h5.0.1.2277 build 20230112 and later
QuTS hero h4.5.4.2374 build 20230417 and later
QuTScloud c5.0.1.2374 and later
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://www.qnap.com/en/security-advisory/qsa-23-09 |
History
Fri, 20 Dec 2024 18:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Thu, 19 Dec 2024 02:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | An uncontrolled resource consumption vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following versions: QTS 5.0.1.2277 and later QTS 4.5.4.2280 build 20230112 and later QuTS hero h5.0.1.2277 build 20230112 and later QuTS hero h4.5.4.2374 build 20230417 and later QuTScloud c5.0.1.2374 and later | |
Title | QTS, QuTS hero, QuTScloud | |
Weaknesses | CWE-400 CWE-798 |
|
References |
| |
Metrics |
cvssV3_1
|
MITRE
Status: PUBLISHED
Assigner: qnap
Published: 2024-12-19T01:39:38.167Z
Updated: 2024-12-20T17:41:53.027Z
Reserved: 2022-03-21T22:02:33.327Z
Link: CVE-2022-27600
Vulnrichment
Updated: 2024-12-20T16:46:06.192Z
NVD
Status : Received
Published: 2024-12-19T02:15:21.493
Modified: 2024-12-19T02:15:21.493
Link: CVE-2022-27600
Redhat
No data.