{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-28T06:33:28.625","vulnerabilities":[{"cve":{"id":"CVE-2024-13086","sourceIdentifier":"security@qnapsecurity.com.tw","published":"2025-03-07T17:15:18.430","lastModified":"2026-01-30T18:54:35.447","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"An exposure of sensitive information vulnerability has been reported to affect product. If exploited, the vulnerability could allow remote attackers to compromise the security of the system.\n\nWe have already fixed the vulnerability in the following version:\nQTS 5.2.0.2851 build 20240808 and later\nQuTS hero h5.2.0.2851 build 20240808 and later"},{"lang":"es","value":"Se ha informado de una vulnerabilidad de exposición de información confidencial que afecta al producto. Si se explota, la vulnerabilidad podría permitir a atacantes remotos comprometer la seguridad del sistema. Ya hemos corregido la vulnerabilidad en la siguiente versión: QTS 5.2.0.2851 build 20240808 y posteriores QuTS hero h5.2.0.2851 build 20240808 y posteriores"}],"metrics":{"cvssMetricV31":[{"source":"security@qnapsecurity.com.tw","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":1.4},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}]},"weaknesses":[{"source":"security@qnapsecurity.com.tw","type":"Secondary","description":[{"lang":"en","value":"CWE-200"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qnap:qts:*:*:*:*:*:*:*:*","versionStartIncluding":"5.0.0","versionEndExcluding":"5.2.0.2851","matchCriteriaId":"5D35E354-F154-4E4B-B92C-B167258C2EED"},{"vulnerable":true,"criteria":"cpe:2.3:o:qnap:quts_hero:*:*:*:*:*:*:*:*","versionStartIncluding":"h5.0.0","versionEndExcluding":"h5.2.0.2851","matchCriteriaId":"4A25A4BC-D282-4320-AFD6-111693CAF1C0"}]}]}],"references":[{"url":"https://www.qnap.com/en/security-advisory/qsa-25-03","source":"security@qnapsecurity.com.tw","tags":["Vendor Advisory"]}]}}]}