CVE-2023-47564

CVSS 3.1 Score 8.1 of 10 (high)

Details

Published Feb 2, 2024

Updated: Feb 9, 2024

CWE ID 732

Summary

CVE-2023-47564 is a vulnerability affecting Qsync Central where an incorrect permission assignment for a critical resource has been identified. This issue grants authenticated users the ability to read or modify the resource over a network. It is recommended that users upgrade to Qsync Central versions 4.4.0.15 or later, released on January 4, 2024, and 4.3.0.11 or later, released on January 11, 2024, to mitigate this vulnerability. Failure to apply the patch may expose systems to potential unauthorized access or data manipulation.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

QNAP Systems

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/tS-BGp
https://www.cve.org/CVERecord?id=CVE-2023-47564
https://nvd.nist.gov/vuln/detail/CVE-2023-47564

Back to Vulnerability Database

CVE-2023-47564

CVSS 3.1 Score 8.1 of 10 (high)

Details

Summary

Affected Vendors

Advisories, Assessments, and Mitigations