CVE-2023-39303

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Feb 2, 2024

Updated: Feb 6, 2024

CWE ID 287

Summary

CVE-2023-39303 is a newly discovered authentication vulnerability that affects several QNAP operating system versions. If exploited, an unauthorized user could gain unauthorized access to the system over a network. This issue has been resolved in QTS 5.1.3.2578 build 20231110 and later, QuTS hero h5.1.3.2578 build 20231110 and later, and QuTScloud c5.1.5.2651 and later. Users running affected versions are urged to update their systems as soon as possible to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

QNAP QTS

Affected Vendors

QNAP Systems

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/sIbUPK
https://www.cve.org/CVERecord?id=CVE-2023-39303
https://nvd.nist.gov/vuln/detail/CVE-2023-39303

Back to Vulnerability Database