admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity
cvelist/2021/34xxx/CVE-2021-34345.json

100 lines
3.2 KiB
JSON
Raw Normal View History

"-Synchronized-Data."
2021-06-08 21:00:53 +00:00
{
"CVE_data_meta": {
QNAP Security Advisory [QSA-21-03][QSA-21-33][QSA-21-34][QSA-21-36][QSA-21-37]
2021-09-10 10:57:56 +08:00
"ASSIGNER": "security@qnap.com",
"DATE_PUBLIC": "2021-09-10T09:27:00.000Z",
"-Synchronized-Data."
2021-06-08 21:00:53 +00:00
"ID": "CVE-2021-34345",
QNAP Security Advisory [QSA-21-03][QSA-21-33][QSA-21-34][QSA-21-36][QSA-21-37]
2021-09-10 10:57:56 +08:00
"STATE": "PUBLIC",
"TITLE": "Stack Based Overflow Vulnerability in NVR Storage Expansion"
"-Synchronized-Data."
2021-06-08 21:00:53 +00:00
},
QNAP Security Advisory [QSA-21-03][QSA-21-33][QSA-21-34][QSA-21-36][QSA-21-37]
2021-09-10 10:57:56 +08:00
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "NVR Storage Expansion",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "1.0.6 ( 2021/08/03 )"
}
]
}
}
]
},
"vendor_name": "QNAP Systems Inc."
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "crixer"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"-Synchronized-Data."
2021-06-08 21:00:53 +00:00
"description": {
"description_data": [
{
"lang": "eng",
"-Synchronized-Data."
2021-09-10 05:00:51 +00:00
"value": "A stack buffer overflow vulnerability has been reported to affect QNAP device running NVR Storage Expansion. If exploited, this vulnerability allows attackers to execute arbitrary code. We have already fixed this vulnerability in the following versions of NVR Storage Expansion: NVR Storage Expansion 1.0.6 ( 2021/08/03 ) and later"
QNAP Security Advisory [QSA-21-03][QSA-21-33][QSA-21-34][QSA-21-36][QSA-21-37]
2021-09-10 10:57:56 +08:00
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
Change CWE from CWE-120 to CWE-787 For adjustment to CVMAP Acceptance Level
2022-01-03 14:00:32 +08:00
"value": "CWE-787 Out-of-bounds Write"
QNAP Security Advisory [QSA-21-03][QSA-21-33][QSA-21-34][QSA-21-36][QSA-21-37]
2021-09-10 10:57:56 +08:00
}
]
"-Synchronized-Data."
2021-06-08 21:00:53 +00:00
}
]
QNAP Security Advisory [QSA-21-03][QSA-21-33][QSA-21-34][QSA-21-36][QSA-21-37]
2021-09-10 10:57:56 +08:00
},
"references": {
"reference_data": [
{
"-Synchronized-Data."
2021-09-10 05:00:51 +00:00
"refsource": "MISC",
"url": "https://www.qnap.com/en/security-advisory/qsa-21-36",
"name": "https://www.qnap.com/en/security-advisory/qsa-21-36"
QNAP Security Advisory [QSA-21-03][QSA-21-33][QSA-21-34][QSA-21-36][QSA-21-37]
2021-09-10 10:57:56 +08:00
}
]
},
"solution": [
{
"lang": "eng",
"value": "We have already fixed this vulnerability in the following versions of NVR Storage Expansion:\nNVR Storage Expansion 1.0.6 ( 2021/08/03 ) and later\n"
}
],
"source": {
"advisory": "QSA-21-36",
"discovery": "EXTERNAL"
"-Synchronized-Data."
2021-06-08 21:00:53 +00:00
}
}
Reference in New Issue Copy Permalink