CVE-2020-2505

Summary

If exploited, this vulnerability could allow attackers to gain sensitive information via generation of error messages. QNAP has already fixed these issues in QES 2.1.1 Build 20201006 and later.

Affected Software

VendorProductVersion RangeStatus
QNAP Systems Inc.QESunspecified < 2.1.1affected

Weaknesses

  • CWE-209: CWE-209 Information Exposure Through an Error Message
  • CWE-755: CWE-755 Improper Handling of Exceptional Conditions

ADP Enrichment

CVE Program Container

Additional References

References