CVE-2021-28815
6
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N
Summary
Insecure storage of sensitive information has been reported to affect QNAP NAS running myQNAPcloud Link. If exploited, this vulnerability allows remote attackers to read sensitive information by accessing the unrestricted storage mechanism. This issue affects: QNAP Systems Inc. myQNAPcloud Link versions prior to 2.2.21 on QTS 4.5.3; versions prior to 2.2.21 on QuTS hero h4.5.2; versions prior to 2.2.21 on QuTScloud c4.5.4.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| QNAP Systems Inc. | myQNAPcloud Link | unspecified < 2.2.21 | affected |
| QNAP Systems Inc. | myQNAPcloud Link | unspecified < 2.2.21 | affected |
| QNAP Systems Inc. | myQNAPcloud Link | unspecified < 2.2.21 | affected |
Weaknesses
- CWE-922: CWE-922 Insecure Storage of Sensitive Information
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.