Improper Access Control in QNAP Helpdesk Product
CVE-2018-0728
7.5HIGH
Summary
The improper access control vulnerability in QNAP's Helpdesk platform allows attackers to gain unauthorized access to sensitive system logs. This can potentially expose confidential information and lead to security breaches. To mitigate this issue, QNAP recommends users to update their QTS and Helpdesk applications to the latest available versions to safeguard against unauthorized access.
Affected Version(s)
QNAP NAS devices All QTS versions: Helpdesk before version 3.0.0
References
CVSS V3.1
Score:
7.5
Severity:
HIGH
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved