SMU versions prior to 14.8.7825.01 are susceptible to unintended information disclosure, through URL manipulation. Authenticated users in a Storage administrative role are able to access HNAS configuration backup and diagnostic data, that would normally be barred to that specific administrative role.
Metrics
Affected Vendors & Products
History
No history.
MITRE
Status: PUBLISHED
Assigner: HITVAN
Published: 2023-12-04T23:53:33.743Z
Updated: 2024-08-28T17:34:56.347Z
Reserved: 2023-10-26T17:39:05.623Z
Link: CVE-2023-5808
Vulnrichment
Updated: 2024-08-02T08:14:23.995Z
NVD
Status : Modified
Published: 2023-12-05T00:15:09.840
Modified: 2024-11-21T08:42:32.017
Link: CVE-2023-5808
Redhat
No data.