A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to launch a denial-of-service (DoS) attack via a network.
We have already fixed the vulnerability in the following versions:
QTS 5.1.6.2722 build 20240402 and later
QuTS hero h5.1.6.2734 build 20240414 and later
                
            Metrics
Affected Vendors & Products
References
        | Link | Providers | 
|---|---|
| https://www.qnap.com/en/security-advisory/qsa-24-20 |     | 
History
                    Wed, 11 Sep 2024 14:00:00 +0000
| Type | Values Removed | Values Added | 
|---|---|---|
| First Time appeared | Qnap Qnap qts Qnap quts Hero | |
| CPEs | cpe:2.3:o:qnap:qts:5.1.0.2348:build_20230325:*:*:*:*:*:* cpe:2.3:o:qnap:qts:5.1.0.2399:build_20230515:*:*:*:*:*:* cpe:2.3:o:qnap:qts:5.1.0.2418:build_20230603:*:*:*:*:*:* cpe:2.3:o:qnap:qts:5.1.0.2444:build_20230629:*:*:*:*:*:* cpe:2.3:o:qnap:qts:5.1.0.2466:build_20230721:*:*:*:*:*:* cpe:2.3:o:qnap:qts:5.1.1.2491:build_20230815:*:*:*:*:*:* cpe:2.3:o:qnap:qts:5.1.2.2533:build_20230926:*:*:*:*:*:* cpe:2.3:o:qnap:qts:5.1.3.2578:build_20231110:*:*:*:*:*:* cpe:2.3:o:qnap:qts:5.1.4.2596:build_20231128:*:*:*:*:*:* cpe:2.3:o:qnap:qts:5.1.5.2645:build_20240116:*:*:*:*:*:* cpe:2.3:o:qnap:qts:5.1.5.2679:build_20240219:*:*:*:*:*:* cpe:2.3:o:qnap:quts_hero:h5.1.0.2409:build_20230525:*:*:*:*:*:* cpe:2.3:o:qnap:quts_hero:h5.1.0.2424:build_20230609:*:*:*:*:*:* cpe:2.3:o:qnap:quts_hero:h5.1.0.2453:build_20230708:*:*:*:*:*:* cpe:2.3:o:qnap:quts_hero:h5.1.0.2466:build_20230721:*:*:*:*:*:* cpe:2.3:o:qnap:quts_hero:h5.1.1.2488:build_20230812:*:*:*:*:*:* cpe:2.3:o:qnap:quts_hero:h5.1.2.2534:build_20230927:*:*:*:*:*:* cpe:2.3:o:qnap:quts_hero:h5.1.3.2578:build_20231110:*:*:*:*:*:* cpe:2.3:o:qnap:quts_hero:h5.1.4.2596:build_20231128:*:*:*:*:*:* cpe:2.3:o:qnap:quts_hero:h5.1.5.2647:build_20240118:*:*:*:*:*:* cpe:2.3:o:qnap:quts_hero:h5.1.5.2680:build_20240220:*:*:*:*:*:* | |
| Vendors & Products | Qnap Qnap qts Qnap quts Hero | 
Fri, 06 Sep 2024 18:30:00 +0000
| Type | Values Removed | Values Added | 
|---|---|---|
| Metrics | ssvc 
 | 
Fri, 06 Sep 2024 16:45:00 +0000
| Type | Values Removed | Values Added | 
|---|---|---|
| Description | A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to launch a denial-of-service (DoS) attack via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.6.2722 build 20240402 and later QuTS hero h5.1.6.2734 build 20240414 and later | |
| Title | QTS, QuTS hero | |
| Weaknesses | CWE-476 | |
| References |  | |
| Metrics | cvssV3_1 
 | 
 MITRE
                        MITRE
                    Status: PUBLISHED
Assigner: qnap
Published: 2024-09-06T16:26:15.562Z
Updated: 2024-09-06T17:34:51.382Z
Reserved: 2023-12-18T14:21:13.239Z
Link: CVE-2023-51368
 Vulnrichment
                        Vulnrichment
                    Updated: 2024-09-06T17:34:47.846Z
 NVD
                        NVD
                    Status : Analyzed
Published: 2024-09-06T17:15:13.487
Modified: 2024-09-11T13:33:30.853
Link: CVE-2023-51368
 Redhat
                        Redhat
                    No data.