CVE-2023-51368
MEDIUM EPSS 22.7%
Published Sep 6, 20241y ago · Modified Jun 17, 20262w ago
6.5 CVSS 3.1
Published Sep 6, 2024 1y ago
Last Modified Jun 17, 2026 2w ago
Description
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to launch a denial-of-service (DoS) attack via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.6.2722 build 20240402 and later QuTS hero h5.1.6.2734 build 20240414 and later
CVSS Details
Base Score
Exploitability
Impact
Vector string
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Attack Vector Network
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High
Threat Intelligence
EPSS Exploit Probability
22.7% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available
Weaknesses 1
CWE-476 NULL Pointer Dereference Memory Safety
Affected Products 21
| Vendor | Product | Version | Range |
|---|---|---|---|
| qnap | qts | 5.1.0.2348 | any |
| qnap | qts | 5.1.0.2399 | any |
| qnap | qts | 5.1.0.2418 | any |
| qnap | qts | 5.1.0.2444 | any |
| qnap | qts | 5.1.0.2466 | any |
| qnap | qts | 5.1.1.2491 | any |
| qnap | qts | 5.1.2.2533 | any |
| qnap | qts | 5.1.3.2578 | any |
| qnap | qts | 5.1.4.2596 | any |
| qnap | qts | 5.1.5.2645 | any |
| qnap | qts | 5.1.5.2679 | any |
| qnap | quts_hero | h5.1.0.2409 | any |
| qnap | quts_hero | h5.1.0.2424 | any |
| qnap | quts_hero | h5.1.0.2453 | any |
| qnap | quts_hero | h5.1.0.2466 | any |
| qnap | quts_hero | h5.1.1.2488 | any |
| qnap | quts_hero | h5.1.2.2534 | any |
| qnap | quts_hero | h5.1.3.2578 | any |
| qnap | quts_hero | h5.1.4.2596 | any |
| qnap | quts_hero | h5.1.5.2647 | any |
| qnap | quts_hero | h5.1.5.2680 | any |
References 1
- qnap.com https://www.qnap.com/en/security-advisory/qsa-24-20
Remediation
No remediation data recorded yet
Check vendor advisories and the NVD entry for patch availability.