CVE-2024-38647

Summary

An exposure of sensitive information vulnerability has been reported to affect QNAP AI Core. If exploited, the vulnerability could allow remote attackers to compromise the security of the system.

We have already fixed the vulnerability in the following version: QNAP AI Core 3.4.1 and later

Affected Software

VendorProductVersion RangeStatus
QNAP Systems Inc.QNAP AI Core3.4.x < 3.4.1affected

Weaknesses

  • CWE-540: CWE-540
  • CWE-200: CWE-200

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: total

References