SMU versions prior to 14.8.7825.01 are susceptible to unintended information disclosure, through URL manipulation. Authenticated users in a Storage administrative role are able to access HNAS configuration backup and diagnostic data, that would normally be barred to that specific administrative role.
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: HITVAN
Published: 2023-12-04T23:53:33.743Z
Updated: 2023-12-12T16:36:56.916Z
Reserved: 2023-10-26T17:39:05.623Z
Link: CVE-2023-5808
JSON object: View
NVD Information
Status : Modified
Published: 2023-12-05T00:15:09.840
Modified: 2023-12-12T17:15:08.400
Link: CVE-2023-5808
JSON object: View
Redhat Information
No data.