cvelist/2019/7xxx/CVE-2019-7184.json

62 lines
2.0 KiB
JSON
Raw Normal View History

2019-01-29 15:04:20 -05:00
{
2019-12-05 17:01:07 +00:00
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
2019-03-18 05:10:33 +00:00
"CVE_data_meta": {
"ID": "CVE-2019-7184",
2019-12-05 17:01:07 +00:00
"ASSIGNER": "security@qnap.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "QNAP NAS devices running Video Station",
"version": {
"version_data": [
{
"version_value": "QTS 4.4.1: Video Station before version 5.4.3, QTS 4.3.4 - QTS 4.4.0: Video Station before version 5.3.10"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross-site Scripting (XSS)"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "https://www.qnap.com/zh-tw/security-advisory/nas-201911-27",
"url": "https://www.qnap.com/zh-tw/security-advisory/nas-201911-27"
}
]
2019-03-18 05:10:33 +00:00
},
"description": {
"description_data": [
{
"lang": "eng",
2019-12-05 17:01:07 +00:00
"value": "This cross-site scripting (XSS) vulnerability in Video Station allows remote attackers to inject and execute scripts on the administrator\u2019s management console. To fix this vulnerability, QNAP recommend updating Video Station to their latest versions."
2019-03-18 05:10:33 +00:00
}
]
}
}