{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-06T02:09:44.088","vulnerabilities":[{"cve":{"id":"CVE-2023-41274","sourceIdentifier":"security@qnapsecurity.com.tw","published":"2024-02-02T16:15:47.730","lastModified":"2024-11-21T08:20:57.880","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to launch a denial-of-service (DoS) attack via a network.\n\nWe have already fixed the vulnerability in the following versions:\nQTS 5.1.2.2533 build 20230926 and later\nQuTS hero h5.1.2.2534 build 20230927 and later\nQuTScloud c5.1.5.2651 and later\n"},{"lang":"es","value":"Se ha informado que una vulnerabilidad de desreferencia de puntero NULL afecta a varias versiones del sistema operativo QNAP. Si se explota, la vulnerabilidad podría permitir a los administradores autenticados lanzar un ataque de denegación de servicio (DoS) a través de una red. Ya hemos solucionado la vulnerabilidad en las siguientes versiones: QTS 5.1.2.2533 build 20230926 y posteriores QuTS hero h5.1.2.2534 build 20230927 y posteriores QuTScloud c5.1.5.2651 y posteriores"}],"metrics":{"cvssMetricV31":[{"source":"security@qnapsecurity.com.tw","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:L/A:L","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":2.3,"impactScore":2.7},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H","baseScore":4.9,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.2,"impactScore":3.6}]},"weaknesses":[{"source":"security@qnapsecurity.com.tw","type":"Secondary","description":[{"lang":"en","value":"CWE-476"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qnap:qts:5.1.0.2348:build_20230325:*:*:*:*:*:*","matchCriteriaId":"39382CBA-EA68-426A-AC07-A9A26E722CAB"},{"vulnerable":true,"criteria":"cpe:2.3:o:qnap:qts:5.1.0.2399:build_20230515:*:*:*:*:*:*","matchCriteriaId":"BCB37C08-1DF7-4AF4-9BB1-C562E5643B5A"},{"vulnerable":true,"criteria":"cpe:2.3:o:qnap:qts:5.1.0.2418:build_20230603:*:*:*:*:*:*","matchCriteriaId":"8368130C-F26D-41FE-8D78-B103A23B5327"},{"vulnerable":true,"criteria":"cpe:2.3:o:qnap:qts:5.1.0.2444:build_20230629:*:*:*:*:*:*","matchCriteriaId":"3E0EE181-78AF-4C3C-90A4-C69A2DE6E176"},{"vulnerable":true,"criteria":"cpe:2.3:o:qnap:qts:5.1.0.2466:build_20230721:*:*:*:*:*:*","matchCriteriaId":"56E3AE06-78DA-4844-ADC1-09A35F1C5B54"},{"vulnerable":true,"criteria":"cpe:2.3:o:qnap:qts:5.1.1.2491:build_20230815:*:*:*:*:*:*","matchCriteriaId":"D2AA7A32-0DA8-4417-A23E-C4F563BC7819"},{"vulnerable":true,"criteria":"cpe:2.3:o:qnap:qts:5.1.2.2533:-:*:*:*:*:*:*","matchCriteriaId":"68A99623-CAF5-404E-84E5-73B75F5C0651"},{"vulnerable":true,"criteria":"cpe:2.3:o:qnap:quts_hero:h5.1.0.2409:build_20230525:*:*:*:*:*:*","matchCriteriaId":"6CA398A8-EBDF-4D41-B15E-7B763F885021"},{"vulnerable":true,"criteria":"cpe:2.3:o:qnap:quts_hero:h5.1.0.2424:build_20230609:*:*:*:*:*:*","matchCriteriaId":"F63A5ED2-ECC2-49A0-BFA9-548E35ACD6C7"},{"vulnerable":true,"criteria":"cpe:2.3:o:qnap:quts_hero:h5.1.0.2453:build_20230708:*:*:*:*:*:*","matchCriteriaId":"53387FAC-7BE0-47D7-99BF-2B1F03C17CC3"},{"vulnerable":true,"criteria":"cpe:2.3:o:qnap:quts_hero:h5.1.0.2466:build_20230721:*:*:*:*:*:*","matchCriteriaId":"D4226394-0023-4CD2-BB89-77251BF92FF3"},{"vulnerable":true,"criteria":"cpe:2.3:o:qnap:quts_hero:h5.1.1.2488:build_20230812:*:*:*:*:*:*","matchCriteriaId":"646257F7-D4A4-43B0-91F2-7850338B3CA1"},{"vulnerable":true,"criteria":"cpe:2.3:o:qnap:quts_hero:h5.1.2.2534:-:*:*:*:*:*:*","matchCriteriaId":"8F7CBA06-2712-4BF8-81AD-EE7B0B0DB46A"},{"vulnerable":true,"criteria":"cpe:2.3:o:qnap:qutscloud:c5.1.0.2498:build_20230822:*:*:*:*:*:*","matchCriteriaId":"C50B05E2-8F25-4CA7-84FE-F5C510C83FE1"}]}]}],"references":[{"url":"https://www.qnap.com/en/security-advisory/qsa-23-38","source":"security@qnapsecurity.com.tw","tags":["Vendor Advisory"]},{"url":"https://www.qnap.com/en/security-advisory/qsa-23-38","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}