CVE-2024-32771

Published Sep 6, 2024

Last updated 2 months ago

Overview

Description
An improper restriction of excessive authentication attempts vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow local network authenticated administrators to perform an arbitrary number of authentication attempts via unspecified vectors. QuTScloud is not affected. We have already fixed the vulnerability in the following versions: QTS 5.2.0.2782 build 20240601 and later QuTS hero h5.2.0.2782 build 20240601 and later
Source
security@qnapsecurity.com.tw
NVD status
Analyzed

Risk scores

CVSS 3.1

Type
Primary
Base score
2.4
Impact score
1.4
Exploitability score
0.9
Vector string
CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N
Severity
LOW

Weaknesses

security@qnapsecurity.com.tw
CWE-307

Social media

Hype score
Not currently trending

Configurations