Vulnerabilities > CVE-2022-27597 - Unspecified vulnerability in Qnap products

CVSS 2.7 - LOW

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

HIGH

Confidentiality impact

LOW

Integrity impact

NONE

Availability impact

NONE

network

low complexity

qnap

NVD

Published: 2023-03-29

Updated: 2023-09-01

Summary

A vulnerability has been reported to affect QNAP operating systems. If exploited, the out-of-bounds read vulnerability allows remote authenticated administrators to get secret values. The vulnerability affects the following QNAP operating systems: QTS, QuTS hero, QuTScloud, QVP (QVR Pro appliances) We have already fixed the vulnerability in the following versions: QTS 5.0.1.2346 build 20230322 and later QuTS hero h5.0.1.2348 build 20230324 and later

Vulnerable Configurations

Part	Description	Count
OS	Qnap Qnap Quts Hero - Qnap Quts Hero H4.5.0 Qnap Quts Hero H4.5.0.1279 Qnap Quts Hero H4.5.0.1308 Qnap Quts Hero H4.5.0.1352 Qnap Quts Hero H4.5.0.1409 Qnap Quts Hero H4.5.1 Qnap Quts Hero H4.5.1.1472 Qnap Quts Hero H4.5.1.1491 Qnap Quts Hero H4.5.1.1582 Qnap Quts Hero H4.5.2 Qnap Quts Hero H4.5.2.1638 Qnap Quts Hero H4.5.3 Qnap Quts Hero H4.5.4 Qnap Quts Hero H4.5.4.1771 Qnap Quts Hero H4.5.4.1800 Qnap Quts Hero H4.5.4.1813 Qnap Quts Hero H4.5.4.1848 Qnap Quts Hero H4.5.4.1892 Qnap Quts Hero H4.5.4.1951 Qnap Quts Hero H4.5.4.1971 Qnap Quts Hero H4.5.4.1991 Qnap Quts Hero H4.5.4.2052 Qnap Quts Hero H4.5.4.2138 Qnap Quts Hero H4.5.4.2217 Qnap Quts Hero H4.5.4.2272 Qnap Quts Hero H4.5.4.2374 Qnap Quts Hero H4.5.4.2476 Qnap Quts Hero H5.0.0 Qnap Quts Hero H5.0.0.1772 Qnap Quts Hero H5.0.0.1844 Qnap Quts Hero H5.0.0.1856 Qnap Quts Hero H5.0.0.1892 Qnap Quts Hero H5.0.0.1900 Qnap Quts Hero H5.0.0.1949 Qnap Quts Hero H5.0.0.1986 Qnap Quts Hero H5.0.1.2045 Qnap Quts Hero H5.0.1.2192 Qnap Quts Hero H5.0.1.2248 Qnap Quts Hero H5.0.1.2269 Qnap Quts Hero H5.0.1.2277 Qnap QTS - Qnap QTS 4.0 Qnap QTS 4.0.3 Qnap QTS 4.1.0 Qnap QTS 4.1.4 Qnap QTS 4.2.0 Qnap QTS 4.2.1 Qnap QTS 4.2.2 Qnap QTS 4.2.3 Qnap QTS 4.2.4 Qnap QTS 4.2.6 Qnap QTS 4.3.1.0013 Qnap QTS 4.3.1.0023 Qnap QTS 4.3.2.0050 Qnap QTS 4.3.2.0060 Qnap QTS 4.3.2.0144 Qnap QTS 4.3.3 Qnap QTS 4.3.3.0095 Qnap QTS 4.3.3.0096 Qnap QTS 4.3.3.0136 Qnap QTS 4.3.3.0154 Qnap QTS 4.3.3.0174 Qnap QTS 4.3.3.0188 Qnap QTS 4.3.3.0210 Qnap QTS 4.3.3.0229 Qnap QTS 4.3.3.0238 Qnap QTS 4.3.3.0262 Qnap QTS 4.3.3.0299 Qnap QTS 4.3.3.0351 Qnap QTS 4.3.3.0353 Qnap QTS 4.3.3.0361 Qnap QTS 4.3.3.0369 Qnap QTS 4.3.3.0378 Qnap QTS 4.3.3.0396 Qnap QTS 4.3.3.0404 Qnap QTS 4.3.3.0416 Qnap QTS 4.3.3.0418 Qnap QTS 4.3.3.0448 Qnap QTS 4.3.3.0514 Qnap QTS 4.3.3.0546 Qnap QTS 4.3.3.0570 Qnap QTS 4.3.3.0868 Qnap QTS 4.3.3.0998 Qnap QTS 4.3.3.1051 Qnap QTS 4.3.3.1098 Qnap QTS 4.3.3.1161 Qnap QTS 4.3.3.1252 Qnap QTS 4.3.3.1315 Qnap QTS 4.3.3.1386 Qnap QTS 4.3.3.1432 Qnap QTS 4.3.3.1624 Qnap QTS 4.3.3.1693 Qnap QTS 4.3.3.4132 Qnap QTS 4.3.4 Qnap QTS 4.3.4.0358 Qnap QTS 4.3.4.0370 Qnap QTS 4.3.4.0372 Qnap QTS 4.3.4.0374 Qnap QTS 4.3.4.0387 Qnap QTS 4.3.4.0411 Qnap QTS 4.3.4.0416 Qnap QTS 4.3.4.0427 Qnap QTS 4.3.4.0434 Qnap QTS 4.3.4.0435 Qnap QTS 4.3.4.0451 Qnap QTS 4.3.4.0483 Qnap QTS 4.3.4.0486 Qnap QTS 4.3.4.0506 Qnap QTS 4.3.4.0516 Qnap QTS 4.3.4.0526 Qnap QTS 4.3.4.0551 Qnap QTS 4.3.4.0557 Qnap QTS 4.3.4.0561 Qnap QTS 4.3.4.0569 Qnap QTS 4.3.4.0593 Qnap QTS 4.3.4.0597 Qnap QTS 4.3.4.0604 Qnap QTS 4.3.4.0899 Qnap QTS 4.3.4.1029 Qnap QTS 4.3.4.1082 Qnap QTS 4.3.4.1190 Qnap QTS 4.3.4.1282 Qnap QTS 4.3.4.1368 Qnap QTS 4.3.4.1417 Qnap QTS 4.3.4.1463 Qnap QTS 4.3.5 Qnap QTS 4.3.6 Qnap QTS 4.3.6.0895 Qnap QTS 4.3.6.0907 Qnap QTS 4.3.6.0923 Qnap QTS 4.3.6.0944 Qnap QTS 4.3.6.0959 Qnap QTS 4.3.6.0979 Qnap QTS 4.3.6.0993 Qnap QTS 4.3.6.1013 Qnap QTS 4.3.6.1033 Qnap QTS 4.3.6.1070 Qnap QTS 4.3.6.1154 Qnap QTS 4.3.6.1218 Qnap QTS 4.3.6.1263 Qnap QTS 4.3.6.1286 Qnap QTS 4.3.6.1333 Qnap QTS 4.3.6.1411 Qnap QTS 4.3.6.1446 Qnap QTS 4.3.6.1620 Qnap QTS 4.3.6.1663 Qnap QTS 4.3.6.1750 Qnap QTS 4.4.0 Qnap QTS 4.4.0.0883 Qnap QTS 4.4.0.0931 Qnap QTS 4.4.0.0979 Qnap QTS 4.4.1 Qnap QTS 4.4.1.0948 Qnap QTS 4.4.1.0949 Qnap QTS 4.4.1.0978 Qnap QTS 4.4.1.0998 Qnap QTS 4.4.1.0999 Qnap QTS 4.4.1.1031 Qnap QTS 4.4.1.1033 Qnap QTS 4.4.1.1064 Qnap QTS 4.4.1.1081 Qnap QTS 4.4.1.1086 Qnap QTS 4.4.1.1101 Qnap QTS 4.4.1.1117 Qnap QTS 4.4.1.1146 Qnap QTS 4.4.1.1201 Qnap QTS 4.4.1.1216 Qnap QTS 4.4.1.1261 Qnap QTS 4.4.2 Qnap QTS 4.4.2.1231 Qnap QTS 4.4.2.1270 Qnap QTS 4.4.3 Qnap QTS 4.4.3.1354 Qnap QTS 4.4.3.1381 Qnap QTS 4.4.3.1400 Qnap QTS 4.4.3.1421 Qnap QTS 4.4.3.1439 Qnap QTS 4.4.3.1444 Qnap QTS 4.5.1 Qnap QTS 4.5.1.1456 Qnap QTS 4.5.1.1461 Qnap QTS 4.5.1.1465 Qnap QTS 4.5.1.1480 Qnap QTS 4.5.1.1495 Qnap QTS 4.5.1.1540 Qnap QTS 4.5.2 Qnap QTS 4.5.2.1566 Qnap QTS 4.5.2.1594 Qnap QTS 4.5.2.1630 Qnap QTS 4.5.3 Qnap QTS 4.5.3.1652 Qnap QTS 4.5.3.1670 Qnap QTS 4.5.3.1697 Qnap QTS 4.5.4 Qnap QTS 4.5.4.1715 Qnap QTS 4.5.4.1723 Qnap QTS 4.5.4.1741 Qnap QTS 4.5.4.1787 Qnap QTS 4.5.4.1800 Qnap QTS 4.5.4.1892 Qnap QTS 4.5.4.1931 Qnap QTS 4.5.4.1991 Qnap QTS 4.5.4.2012 Qnap QTS 4.5.4.2117 Qnap QTS 4.5.4.2280 Qnap QTS 4.5.4.2374 Qnap QTS 4.5.4.2467 Qnap QTS 5.0.0 Qnap QTS 5.0.0.1716 Qnap QTS 5.0.0.1785 Qnap QTS 5.0.0.1808 Qnap QTS 5.0.0.1828 Qnap QTS 5.0.0.1837 Qnap QTS 5.0.0.1850 Qnap QTS 5.0.0.1853 Qnap QTS 5.0.0.1858 Qnap QTS 5.0.0.1870 Qnap QTS 5.0.0.1932 Qnap QTS 5.0.0.1981 Qnap QTS 5.0.0.1986 Qnap QTS 5.0.1 Qnap QTS 5.0.1.2034 Qnap QTS 5.0.1.2079 Qnap QTS 5.0.1.2131 Qnap QTS 5.0.1.2137 Qnap QTS 5.0.1.2145 Qnap QTS 5.0.1.2173 Qnap QTS 5.0.1.2194 Qnap QTS 5.0.1.2234 Qnap QTS 5.0.1.2248 Qnap QTS 5.0.1.2277 Qnap Qutscloud - Qnap QVP 41B Firmware - Qnap QVP 63B Firmware - Qnap QVP 85B Firmware - Qnap QVP 21A Firmware - Qnap QVP 41A Firmware - Qnap QVP 63A Firmware - Qnap QVP 85A Firmware -	262
Application	Qnap Qnap QVR -	1
Hardware	Qnap Qnap QVP 41B - Qnap QVP 63B - Qnap QVP 85B - Qnap QVP 21A - Qnap QVP 41A - Qnap QVP 63A - Qnap QVP 85A -	7

References

https://www.qnap.com/en/security-advisory/qsa-23-06