CVE-2021-44055

CWE-862Missing Authorization3 documents3 sources
Severity
9.8CRITICAL
EPSS
0.8%
top 26.04%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Qnap Systems Inc. Video StationQnap Video Station
Timeline
PublishedMay 5
Latest updateMay 6

Description

An missing authorization vulnerability has been reported to affect QNAP device running Video Station. If exploited, this vulnerability allows remote attackers to access data or perform actions that they should not be allowed to perform. We have already fixed this vulnerability in the following versions of Video Station: Video Station 5.5.9 ( 2022/02/16 ) and later

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:NExploitability: 3.9 | Impact: 1.4

Affected Packages2 packages

NVDqnap/video_station5.2.05.3.13+2
CVEListV5qnap_systems_inc./video_stationunspecified5.5.9 ( 2022/02/16 )

🔴Vulnerability Details

2
GHSA
GHSA-r855-rqcr-vpfp: An missing authorization vulnerability has been reported to affect QNAP device running Video Station2022-05-06
CVEList
Information leakage in Video Station2022-05-05
CVE-2021-44055 (CRITICAL CVSS 9.8) | An missing authorization vulnerabil | cvebase.io