{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-08T12:28:06.134","vulnerabilities":[{"cve":{"id":"CVE-2021-32526","sourceIdentifier":"twcert@cert.org.tw","published":"2021-07-07T14:15:11.467","lastModified":"2024-11-21T06:07:12.157","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Incorrect permission assignment for critical resource vulnerability in QSAN Storage Manager allows authenticated remote attackers to access arbitrary password files. Suggest contacting with QSAN and refer to recommendations in QSAN Document."},{"lang":"es","value":"La asignación incorrecta de permisos para la vulnerabilidad de los recursos críticos en QSAN Storage Manager permite a los atacantes remotos autenticados acceder a archivos con contraseñas arbitrarias. Se sugiere contactar con QSAN y consultar las recomendaciones del documento de QSAN"}],"metrics":{"cvssMetricV31":[{"source":"twcert@cert.org.tw","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:P/I:N/A:N","baseScore":4.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"twcert@cert.org.tw","type":"Secondary","description":[{"lang":"en","value":"CWE-732"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-732"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:qsan:storage_manager:*:*:*:*:*:*:*:*","versionEndIncluding":"3.3.1","matchCriteriaId":"3CE2A478-5140-4734-B1BA-0AB2741ADBB4"}]}]}],"references":[{"url":"https://www.twcert.org.tw/tw/cp-132-4882-c0310-1.html","source":"twcert@cert.org.tw","tags":["Vendor Advisory"]},{"url":"https://www.twcert.org.tw/tw/cp-132-4882-c0310-1.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}