CVE-2021-44057Improper Authentication in Systems INC Photo Station

CWE-287Improper Authentication3 documents3 sources
Severity
9.8CRITICALNVD
CNA7.1
EPSS
0.4%
top 42.45%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Qnap Systems INC Photo StationQnap Photo Station
Timeline
PublishedMay 5
Latest updateMay 6

Description

An improper authentication vulnerability has been reported to affect QNAP device running Photo Station. If exploited, this vulnerability allows attackers to compromise the security of the system. We have already fixed this vulnerability in the following versions of Photo Station: Photo Station 6.0.20 ( 2022/02/15 ) and later Photo Station 5.7.16 ( 2022/02/11 ) and later Photo Station 5.4.13 ( 2022/02/11 ) and later

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages2 packages

CVEListV5qnap_systems_inc/photo_stationunspecified6.0.20 ( 2022/02/15 )+2
NVDqnap/photo_station5.6.05.7.16+2

🔴Vulnerability Details

2
GHSA
GHSA-9mp7-fmr4-g9vw: An improper authentication vulnerability has been reported to affect QNAP device running Photo Station2022-05-06
CVEList
Improper authentication in Photo Station2022-05-05
CVE-2021-44057 — Improper Authentication | cvebase