CVE-2021-28814

CWE-269Improper Privilege Management3 documents3 sources
Severity
8.8HIGH
EPSS
0.6%
top 30.48%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Qnap Systems Inc. HelpdeskQnap Helpdesk
Timeline
PublishedJun 11
Latest updateMay 24

Description

An improper access control vulnerability has been reported to affect QNAP NAS. If exploited, this vulnerability allows remote attackers to compromise the security of the software. This issue affects: QNAP Systems Inc. Helpdesk versions prior to 3.0.4.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9

Affected Packages2 packages

CVEListV5qnap_systems_inc./helpdeskunspecified3.0.4
NVDqnap/helpdesk< 3.0.4

🔴Vulnerability Details

2
GHSA
GHSA-c3j9-jwrq-h9fm: An improper access control vulnerability has been reported to affect QNAP NAS2022-05-24
CVEList
Improper Access Control Vulnerability in Helpdesk2021-06-11
CVE-2021-28814 (HIGH CVSS 8.8) | An improper access control vulnerab | cvebase.io