admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 17:21:36 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2018/CVE-2018-147xx/CVE-2018-14746.json
René Helmke 7791f18b51 bootstrap
2023-05-16 16:09:41 +02:00

119 lines
3.6 KiB
JSON
Raw Blame History

{
"id": "CVE-2018-14746",
"sourceIdentifier": "security@qnapsecurity.com.tw",
"published": "2018-11-28T16:29:00.233",
"lastModified": "2019-10-03T00:03:26.223",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Command Injection vulnerability in QTS 4.3.5 build 20181013, QTS 4.3.4 build 20181008, QTS 4.3.3 build 20180829, QTS 4.2.6 build 20180829 and earlier versions could allow remote attackers to run arbitrary commands on the NAS."
},
{
"lang": "es",
"value": "Vulnerabilidad de inyecci\u00f3n de comandos en QTS 4.3.5 build 20181013, QTS 4.3.4 build 20181008, QTS 4.3.3 build 20180829 y QTS 4.2.6 build 20180829 y sus versiones anteriores podr\u00eda permitir que los atacantes remotos ejecuten comandos arbitrarios en el NAS."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
],
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0
},
"baseSeverity": "HIGH",
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-77"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qnap:qts:4.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "1D9E6F8F-A433-45A7-8839-5D478FE179A4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qnap:qts:4.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C5994C07-17FE-4784-9FA4-9675BA8B4743"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qnap:qts:4.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F0C7D2D4-769F-4297-89F4-75366FFA7618"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qnap:qts:4.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "2C7CF3D8-0BB6-410F-84C1-D48764687561"
}
]
}
]
}
],
"references": [
{
"url": "https://www.qnap.com/zh-tw/security-advisory/nas-201811-22",
"source": "security@qnapsecurity.com.tw",
"tags": [
"Vendor Advisory"
]
}
]
}
Reference in New Issue View Git Blame Copy Permalink