9.8
CVE-2019-7192
- EPSS 94.07%
- Veröffentlicht 05.12.2019 17:15:12
- Zuletzt bearbeitet 13.02.2025 14:18:25
- Quelle security@qnapsecurity.com.tw
- Teams Watchlist Login
- Unerledigt Login
This improper access control vulnerability allows remote attackers to gain unauthorized access to the system. To fix these vulnerabilities, QNAP recommend updating Photo Station to their latest versions.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Qnap ≫ Photo Station Version < 6.0.3
Qnap ≫ Photo Station Version < 5.7.10
Qnap ≫ Photo Station Version < 5.4.9
Qnap ≫ Photo Station Version < 5.2.11
08.06.2022: CISA Known Exploited Vulnerabilities (KEV) Catalog
QNAP Photo Station Improper Access Control Vulnerability
SchwachstelleQNAP NAS devices running Photo Station contain an improper access control vulnerability allowing remote attackers to gain unauthorized access to the system.
BeschreibungApply updates per vendor instructions.
Erforderliche Maßnahmen| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 94.07% | 0.999 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 9.8 | 3.9 | 5.9 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
| nvd@nist.gov | 7.5 | 10 | 6.4 |
AV:N/AC:L/Au:N/C:P/I:P/A:P
|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 9.8 | 3.9 | 5.9 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
CWE-863 Incorrect Authorization
The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check.