CVE-2023-34971

CVSS 3.1 Score 8.8 of 10 (high)

Details

Published Aug 24, 2023

Updated: Aug 31, 2023

CWE ID 326

Summary

CVE-2023-34971 is a vulnerability affecting QNAP operating systems where encryption strengths are found to be inadequate. This issue may permit local network clients to decrypt data through brute force attacks via unspecified vectors. The vulnerability has been addressed in QTS 5.0.1.2425, QTS 5.1.0.2444, QTS 4.5.4.2467, QuTS hero h5.1.0.2424, and QuTS hero h4.5.4.2476, with later builds providing the fix.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

QNAP QTS

Affected Vendors

QNAP Systems

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/rzlEnv
https://www.cve.org/CVERecord?id=CVE-2023-34971
https://nvd.nist.gov/vuln/detail/CVE-2023-34971

Back to Vulnerability Database