CVE-2024-32765 MEDIUM

CVE-2024-32765: QTS, QuTS hero

Vendor Qnap Systems Inc.
Product QTS
Weakness CWE-291
Published August 9, 2024
Last update August 9, 2024

CVSS base score

4.2/10
Attack vector Local
Attack complexity Low
Privileges required High
User interaction None
Confidentiality Low
Integrity Low

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L

What the vulnerability does

01Description

A vulnerability has been reported to affect Network & Virtual Switch. If exploited, the vulnerability could allow local authenticated administrators to gain access to and execute certain functions via unspecified vectors. We have already fixed the vulnerability in the following versions: QTS 5.1.8.2823 build 20240712 and later QuTS hero h5.1.8.2823 build 20240712 and later

Key dates

02Disclosure timeline

August 9, 2024 CVE published
August 9, 2024 Record updated