A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained administrator access to launch a denial-of-service (DoS) attack.
We have already fixed the vulnerability in the following versions:
QTS 5.2.1.2930 build 20241025 and later
QuTS hero h5.2.1.2929 build 20241025 and later
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://www.qnap.com/en/security-advisory/qsa-24-43 |
History
Fri, 22 Nov 2024 17:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Fri, 22 Nov 2024 15:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained administrator access to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following versions: QTS 5.2.1.2930 build 20241025 and later QuTS hero h5.2.1.2929 build 20241025 and later | |
Title | QTS, QuTS hero | |
Weaknesses | CWE-476 | |
References |
| |
Metrics |
cvssV4_0
|
MITRE
Status: PUBLISHED
Assigner: qnap
Published: 2024-11-22T15:33:15.661Z
Updated: 2024-11-22T17:05:01.188Z
Reserved: 2024-05-31T08:46:24.562Z
Link: CVE-2024-37045
Vulnrichment
Updated: 2024-11-22T16:57:54.452Z
NVD
Status : Received
Published: 2024-11-22T16:15:23.513
Modified: 2024-11-22T16:15:23.513
Link: CVE-2024-37045
Redhat
No data.