← Retour aux CVEs
CVE-2013-6276
CRITICAL9.8
Description
QNAP F_VioCard 2312 and F_VioGate 2308 have hardcoded entries in authorized_keys files. NOTE: 1. All active models are not affected. The last affected model was EOL since 2010. 2. The legacy authorization mechanism is no longer adopted in all active models
Details CVE
Score CVSS v3.19.8
SeveriteCRITICAL
Vecteur CVSSCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Vecteur d'attaqueNETWORK
ComplexiteLOW
Privileges requisNONE
Interaction utilisateurNONE
Publie8/9/2021
Derniere modification11/21/2024
Sourcenvd
Observations honeypot0
Produits affectes
qnap:viocard-100qnap:viocard-100_firmwareqnap:viocard-30qnap:viocard-300qnap:viocard-300_firmwareqnap:viocard-30_firmwareqnap:viogate-340qnap:viogate-340_firmwareqnap:viogate-340aqnap:viogate-340a_firmware
Faiblesses (CWE)
CWE-798
References
http://firmware.re/vulns/acsa-2013-002.php(cve@mitre.org)
http://firmware.re/vulns/acsa-2013-002.php(af854a3a-2127-422b-91ae-364da2661108)
http://web.archive.org/web/20210320190014/http://firmware.re/vulns/acsa-2013-002.php(af854a3a-2127-422b-91ae-364da2661108)
Correlations IOC
Aucune correlation enregistree
This product uses data from the NVD API but is not endorsed or certified by the NVD.