Inclusion of sensitive information in the source code has been reported to affect certain QNAP switches running QSS. If exploited, this vulnerability allows attackers to read application data. This issue affects: QNAP Systems Inc. QSS versions prior to 1.0.3 build 20210505 on QSW-M2108-2C; versions prior to 1.0.3 build 20210505 on QSW-M2108-2S; versions prior to 1.0.3 build 20210505 on QSW-M2108R-2C; versions prior to 1.0.12 build 20210506 on QSW-M408.
References
Link | Resource |
---|---|
https://www.qnap.com/zh-tw/security-advisory/qsa-21-24 | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: qnap
Published: 2021-06-11T00:00:00
Updated: 2021-06-11T06:35:14
Reserved: 2021-03-18T00:00:00
Link: CVE-2021-28805
JSON object: View
NVD Information
Status : Analyzed
Published: 2021-06-11T07:15:06.593
Modified: 2022-10-18T21:06:17.947
Link: CVE-2021-28805
JSON object: View
Redhat Information
No data.