CVE-2023-39296

A prototype pollution vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to override existing attributes with ones that have incompatible type, which may lead to a crash via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.3.2578 build 20231110 and later QuTS hero h5.1.3.2578 build 20231110 and later

CVSS v3 7.5 HIGH

7.5^/10

CVSS v3 : HIGH

Vector :

Exploitability : 3.9 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://www.qnap.com/en/security-advisory/qsa-23-64	Vendor Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:qnap:qts:5.1.0.2348:build_20230325::::::
	cpe:2.3:o:qnap:qts:5.1.0.2399:build_20230515::::::
	cpe:2.3:o:qnap:qts:5.1.0.2418:build_20230603::::::
	cpe:2.3:o:qnap:qts:5.1.0.2444:build_20230629::::::
	cpe:2.3:o:qnap:qts:5.1.0.2466:build_20230721::::::
	cpe:2.3:o:qnap:qts:5.1.1.2491:build_20230815::::::
	cpe:2.3:o:qnap:qts:5.1.2.2533:build_20230926::::::

Configuration 2 (hide)

OR	cpe:2.3:o:qnap:quts_hero:h5.1.0.2409:build_20230525::::::
	cpe:2.3:o:qnap:quts_hero:h5.1.0.2424:build_20230609::::::
	cpe:2.3:o:qnap:quts_hero:h5.1.0.2453:build_20230708::::::
	cpe:2.3:o:qnap:quts_hero:h5.1.0.2466:build_20230721::::::
	cpe:2.3:o:qnap:quts_hero:h5.1.1.2488:build_20230812::::::
	cpe:2.3:o:qnap:quts_hero:h5.1.2.2534:build_20230927::::::

History

No history.

Information

Published : 2024-01-05 17:15

Updated : 2024-01-11 17:09

NVD link : CVE-2023-39296

Mitre link : CVE-2023-39296

CVE.ORG link : CVE-2023-39296

JSON object : View

Products Affected

qnap

quts_hero
qts

CWE

CWE-1321

Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')

{"id": "CVE-2023-39296", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 3.9}, {"type": "Secondary", "source": "security@qnapsecurity.com.tw", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2024-01-05T17:15:09.100", "references": [{"url": "https://www.qnap.com/en/security-advisory/qsa-23-64", "tags": ["Vendor Advisory"], "source": "security@qnapsecurity.com.tw"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "security@qnapsecurity.com.tw", "description": [{"lang": "en", "value": "CWE-1321"}]}], "descriptions": [{"lang": "en", "value": "A prototype pollution vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to override existing attributes with ones that have incompatible type, which may lead to a crash via a network.\n\nWe have already fixed the vulnerability in the following versions:\nQTS 5.1.3.2578 build 20231110 and later\nQuTS hero h5.1.3.2578 build 20231110 and later\n"}, {"lang": "es", "value": "Se ha informado que un prototipo de vulnerabilidad de contaminaci\u00f3n afecta a varias versiones del sistema operativo QNAP. Si se explota, la vulnerabilidad podr\u00eda permitir a los usuarios anular atributos existentes por otros que tengan un tipo incompatible, lo que puede provocar una falla en la red. Ya hemos solucionado la vulnerabilidad en las siguientes versiones: QTS 5.1.3.2578 compilaci\u00f3n 20231110 y posteriores QuTS hero h5.1.3.2578 compilaci\u00f3n 20231110 y posteriores"}], "lastModified": "2024-01-11T17:09:17.823", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:qnap:qts:5.1.0.2348:build_20230325:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "39382CBA-EA68-426A-AC07-A9A26E722CAB"}, {"criteria": "cpe:2.3:o:qnap:qts:5.1.0.2399:build_20230515:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BCB37C08-1DF7-4AF4-9BB1-C562E5643B5A"}, {"criteria": "cpe:2.3:o:qnap:qts:5.1.0.2418:build_20230603:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8368130C-F26D-41FE-8D78-B103A23B5327"}, {"criteria": "cpe:2.3:o:qnap:qts:5.1.0.2444:build_20230629:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3E0EE181-78AF-4C3C-90A4-C69A2DE6E176"}, {"criteria": "cpe:2.3:o:qnap:qts:5.1.0.2466:build_20230721:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "56E3AE06-78DA-4844-ADC1-09A35F1C5B54"}, {"criteria": "cpe:2.3:o:qnap:qts:5.1.1.2491:build_20230815:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D2AA7A32-0DA8-4417-A23E-C4F563BC7819"}, {"criteria": "cpe:2.3:o:qnap:qts:5.1.2.2533:build_20230926:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "80E7C17C-ED6D-439D-A1F3-1870A3ADA926"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:qnap:quts_hero:h5.1.0.2409:build_20230525:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6CA398A8-EBDF-4D41-B15E-7B763F885021"}, {"criteria": "cpe:2.3:o:qnap:quts_hero:h5.1.0.2424:build_20230609:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F63A5ED2-ECC2-49A0-BFA9-548E35ACD6C7"}, {"criteria": "cpe:2.3:o:qnap:quts_hero:h5.1.0.2453:build_20230708:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "53387FAC-7BE0-47D7-99BF-2B1F03C17CC3"}, {"criteria": "cpe:2.3:o:qnap:quts_hero:h5.1.0.2466:build_20230721:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D4226394-0023-4CD2-BB89-77251BF92FF3"}, {"criteria": "cpe:2.3:o:qnap:quts_hero:h5.1.1.2488:build_20230812:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "646257F7-D4A4-43B0-91F2-7850338B3CA1"}, {"criteria": "cpe:2.3:o:qnap:quts_hero:h5.1.2.2534:build_20230927:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "88825AE1-B006-4F7F-BD90-D4B1CF1251A3"}], "operator": "OR"}]}], "sourceIdentifier": "security@qnapsecurity.com.tw"}