SMU versions prior to 14.8.7825.01 are susceptible to unintended information disclosure, through URL manipulation. Authenticated users in a Storage administrative role are able to access HNAS configuration backup and diagnostic data, that would normally be barred to that specific administrative role.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: HITVAN

Published: 2023-12-04T23:53:33.743Z

Updated: 2024-08-28T17:34:56.347Z

Reserved: 2023-10-26T17:39:05.623Z

Link: CVE-2023-5808

cve-icon Vulnrichment

Updated: 2024-08-02T08:14:23.995Z

cve-icon NVD

Status : Modified

Published: 2023-12-05T00:15:09.840

Modified: 2023-12-12T17:15:08.400

Link: CVE-2023-5808

cve-icon Redhat

No data.