Q'center Virtual Appliance
by Qnap
CVEs (7)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2018-0706 | Hig | 0.64 | 8.8 | 0.49 | Jul 17, 2018 | Exposure of Private Information in QNAP Q'center Virtual Appliance version 1.7.1063 and earlier could allow authenticated users to access sensitive information. | ||
| CVE-2018-0708 | Hig | 0.62 | 8.8 | 0.26 | Jul 17, 2018 | Command injection vulnerability in networking of QNAP Q'center Virtual Appliance version 1.7.1063 and earlier could allow authenticated users to run arbitrary commands. | ||
| CVE-2018-0710 | Hig | 0.61 | 8.8 | 0.14 | Jul 17, 2018 | Command injection vulnerability in SSH of QNAP Q'center Virtual Appliance version 1.7.1063 and earlier could allow authenticated users to run arbitrary commands. | ||
| CVE-2018-0709 | Hig | 0.61 | 8.8 | 0.14 | Jul 17, 2018 | Command injection vulnerability in date of QNAP Q'center Virtual Appliance version 1.7.1063 and earlier could allow authenticated users to run arbitrary commands. | ||
| CVE-2018-0707 | Hig | 0.55 | 7.2 | 0.59 | Jul 17, 2018 | Command injection vulnerability in change password of QNAP Q'center Virtual Appliance version 1.7.1063 and earlier could allow authenticated users to run arbitrary commands. | ||
| CVE-2018-0723 | 0.00 | — | 0.01 | Dec 26, 2018 | Cross-site scripting (XSS) vulnerability in Q'center Virtual Appliance 1.8.1014 and earlier versions could allow remote attackers to inject Javascript code in the compromised application, a different vulnerability than CVE-2018-0724. | |||
| CVE-2018-0724 | 0.00 | — | 0.01 | Dec 26, 2018 | Cross-site scripting (XSS) vulnerability in Q'center Virtual Appliance 1.8.1014 and earlier versions could allow remote attackers to inject Javascript code in the compromised application, a different vulnerability than CVE-2018-0723. |
- risk 0.64cvss 8.8epss 0.49
Exposure of Private Information in QNAP Q'center Virtual Appliance version 1.7.1063 and earlier could allow authenticated users to access sensitive information.
- risk 0.62cvss 8.8epss 0.26
Command injection vulnerability in networking of QNAP Q'center Virtual Appliance version 1.7.1063 and earlier could allow authenticated users to run arbitrary commands.
- risk 0.61cvss 8.8epss 0.14
Command injection vulnerability in SSH of QNAP Q'center Virtual Appliance version 1.7.1063 and earlier could allow authenticated users to run arbitrary commands.
- risk 0.61cvss 8.8epss 0.14
Command injection vulnerability in date of QNAP Q'center Virtual Appliance version 1.7.1063 and earlier could allow authenticated users to run arbitrary commands.
- risk 0.55cvss 7.2epss 0.59
Command injection vulnerability in change password of QNAP Q'center Virtual Appliance version 1.7.1063 and earlier could allow authenticated users to run arbitrary commands.
- CVE-2018-0723Dec 26, 2018risk 0.00cvss —epss 0.01
Cross-site scripting (XSS) vulnerability in Q'center Virtual Appliance 1.8.1014 and earlier versions could allow remote attackers to inject Javascript code in the compromised application, a different vulnerability than CVE-2018-0724.
- CVE-2018-0724Dec 26, 2018risk 0.00cvss —epss 0.01
Cross-site scripting (XSS) vulnerability in Q'center Virtual Appliance 1.8.1014 and earlier versions could allow remote attackers to inject Javascript code in the compromised application, a different vulnerability than CVE-2018-0723.