Vulnerabilities > CVE-2021-32525 - Unspecified vulnerability in Qsan Storage Manager

CVSS 7.2 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

HIGH

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

qsan

NVD

Published: 2021-07-07

Updated: 2024-11-21

Summary

The same hard-coded password in QSAN Storage Manager's in the firmware allows remote attackers to access the control interface with the administrator’s credential, entering the hard-coded password of the debug mode to execute the restricted system instructions. The referred vulnerability has been solved with the updated version of QSAN Storage Manager v3.3.3.

Vulnerable Configurations

Part	Description	Count
Application	Qsan Qsan Storage Manager -	1

References

https://www.twcert.org.tw/tw/cp-132-4881-959d3-1.html
https://www.twcert.org.tw/tw/cp-132-4881-959d3-1.html