Initiatives for
As the national authority for Cybersecurity the CCB has developed several initiatives for specific publics which are presented here.
WARNING: CVE-2023-51365 IN QNAP OPERATING SYSTEM, PATCH IMMEDIATELY!
Image
Published : 27/05/2024
Reference:
Advisory #2024-75
Version:
1.0
Affected software:
QTS 4.5.x
QTS 5.1.x
QuTS hero h4.5.x
QuTS hero h5.1.x
QuTScloud c5.x
Type:
Path-traversal vulnerability
CVE/CVSS:
CVE-2023-51365
CVSS 8.7 (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:H)
Sources
https://www.qnap.com/en/security-advisory/qsa-24-14
Risks
CVE-2023-51365 is a high-severity vulnerability affecting several versions of operating system for entry- and mid-level QNAP Network-Attached Storage (NAS). Successful exploitation of the vulnerability allows an unauthenticated remote attacker to read the contents of unexpected files and expose sensitive data via a network. This could impact the Integrity and Availability of the data.
The vulnerability has not yet been reported to be exploited in the wild.
Description
CVE-2023-51365 path traversal vulnerability, having a CVSS v3 score of 8.7, could allow an attacker to read arbitrary files on the server that is running an application. This might include: application code and data, credentials for back-end systems and sensitive operating system files. The data could also be exposed via a network.
The vulnerability is impacting the following products:
- QTS 5.1.x
- QTS 4.5.x
- QuTS hero h5.1.x
- QuTS hero h4.5.x
- QuTScloud c5.x
which were already fixed in the following versions:
- QTS 5.1.4.2596 build 20231128 and later
- QTS 4.5.4.2627 build 20231225 and later
- QuTS hero h5.1.3.2578 build 20231110 and later
- QuTS hero h4.5.4.2626 build 20231225 and later
- QuTScloud c5.1.5.2651 and later
Recommended Actions
Patch
The Centre for Cybersecurity Belgium strongly recommends installing updates for vulnerable devices with the highest priority, after thorough testing.
Monitor/Detect
The CCB recommends organizations upscale monitoring and detection capabilities to identify any related suspicious activity, ensuring a swift response in case of an intrusion.
In case of an intrusion, you can report an incident via: https://ccb.belgium.be/cert/report-incident
While patching appliances or software to the newest version may provide safety from future exploitation, it does not remediate historic compromise.