A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained administrator access to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following versions: QTS 5.2.1.2930 build 20241025 and later QuTS hero h5.2.1.2929 build 20241025 and later
History

Fri, 22 Nov 2024 17:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Fri, 22 Nov 2024 15:45:00 +0000

Type Values Removed Values Added
Description A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained administrator access to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following versions: QTS 5.2.1.2930 build 20241025 and later QuTS hero h5.2.1.2929 build 20241025 and later
Title QTS, QuTS hero
Weaknesses CWE-476
References
Metrics cvssV4_0

{'score': 5.1, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N'}


cve-icon MITRE

Status: PUBLISHED

Assigner: qnap

Published: 2024-11-22T15:33:15.661Z

Updated: 2024-11-22T17:05:01.188Z

Reserved: 2024-05-31T08:46:24.562Z

Link: CVE-2024-37045

cve-icon Vulnrichment

Updated: 2024-11-22T16:57:54.452Z

cve-icon NVD

Status : Received

Published: 2024-11-22T16:15:23.513

Modified: 2024-11-22T16:15:23.513

Link: CVE-2024-37045

cve-icon Redhat

No data.