CVE-2021-44056

CWE-287Improper Authentication3 documents3 sources
Severity
9.8CRITICAL
EPSS
0.2%
top 60.55%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Qnap Systems Inc. Video StationQnap Video Station
Timeline
PublishedMay 5
Latest updateMay 6

Description

An improper authentication vulnerability has been reported to affect QNAP device running Video Station. If exploited, this vulnerability allows attackers to compromise the security of the system. We have already fixed this vulnerability in the following versions of Video Station: Video Station 5.5.9 and later Video Station 5.3.13 and later Video Station 5.1.8 and later

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:NExploitability: 2.8 | Impact: 4.2

Affected Packages2 packages

CVEListV5qnap_systems_inc./video_stationunspecified5.5.9+2
NVDqnap/video_station5.2.05.3.13+2

🔴Vulnerability Details

2
GHSA
GHSA-rq2w-6955-5m7c: An improper authentication vulnerability has been reported to affect QNAP device running Video Station2022-05-06
CVEList
Improper authentication in Video Station2022-05-05
CVE-2021-44056 (CRITICAL CVSS 9.8) | An improper authentication vulnerab | cvebase.io