CVE-2018-19947

CWE-200 — Information Exposure CWE-209 CWE-2104 documents4 sources

Severity

6.5MEDIUM

EPSS

0.3%

top 45.76%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Qnap Systems Inc. Helpdesk Qnap Helpdesk

Timeline

PublishedSep 11

Latest updateMay 24

Description

The vulnerability have been reported to affect earlier versions of Helpdesk. If exploited, this information exposure vulnerability could disclose sensitive information. QNAP has already fixed the issue in Helpdesk 3.0.3 and later.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:NExploitability: 2.8 | Impact: 1.4

Affected Packages2 packages

▶NVDqnap/helpdesk< 3.0.3

▶CVEListV5qnap_systems_inc./helpdeskunspecified — 3.0.3

🔴Vulnerability Details

GHSA

GHSA-h4wq-q9hr-ffm6: The vulnerability have been reported to affect earlier versions of Helpdesk↗2022-05-24

▶

CVEList

CVE-2018-19947: The vulnerability have been reported to affect earlier versions of Helpdesk↗2020-09-11

▶

OSV

linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-4.15, linux-gcp, linux-gcp-4.15, linux-gke-4.15, linux-hwe, linux-kvm, linux-oem, linux-oracle, linux-raspi2, linux-snapdragon vulnerabilities↗2020-09-03

▶