CVE-2020-2503 - Vulnerability Details - OpenCVE

If exploited, this stored cross-site scripting vulnerability could allow remote attackers to inject malicious code in File Station. QNAP has already fixed these issues in QES 2.1.1 Build 20201006 and later.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Changed

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction Required

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication Single

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Qnap	Qes

Configuration 1 [-]

OR	cpe:2.3:a:qnap:qes::::::::
	cpe:2.3:a:qnap:qes:2.1.1:-::::::
	cpe:2.3:a:qnap:qes:2.1.1:build_20200211::::::
	cpe:2.3:a:qnap:qes:2.1.1:build_20200303::::::
	cpe:2.3:a:qnap:qes:2.1.1:build_20200319::::::
	cpe:2.3:a:qnap:qes:2.1.1:build_20200424::::::
	cpe:2.3:a:qnap:qes:2.1.1:build_20200515::::::
	cpe:2.3:a:qnap:qes:2.1.1:build_20200811::::::

No data.

References

Link	Providers
https://www.qnap.com/zh-tw/security-advisory/qsa-20-17

History

No history.

MITRE

Status: PUBLISHED

Assigner: qnap

Published: 2020-12-24T01:39:08.389271Z

Updated: 2024-09-17T03:07:20.826Z

Reserved: 2019-12-09T00:00:00

Link: CVE-2020-2503

Vulnrichment

No data.

NVD

Status : Modified

Published: 2020-12-24T02:15:12.547

Modified: 2024-11-21T05:25:22.063

Link: CVE-2020-2503

Redhat

No data.

{"containers": {"cna": {"affected": [{"platforms": ["build 20201006"], "product": "QES", "vendor": "QNAP Systems Inc.", "versions": [{"lessThan": "2.1.1", "status": "affected", "version": "unspecified", "versionType": "custom"}]}], "credits": [{"lang": "en", "value": "TIM Security Red Team Research"}], "datePublic": "2020-12-23T00:00:00", "descriptions": [{"lang": "en", "value": "If exploited, this stored cross-site scripting vulnerability could allow remote attackers to inject malicious code in File Station. QNAP has already fixed these issues in QES 2.1.1 Build 20201006 and later."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-79", "description": "CWE-79 Cross-site Scripting (XSS)", "lang": "en", "type": "CWE"}]}, {"descriptions": [{"cweId": "CWE-80", "description": "CWE-80 Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)", "lang": "en", "type": "CWE"}]}, {"descriptions": [{"cweId": "CWE-749", "description": "CWE-749 Exposed Dangerous Method or Function", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2020-12-31T16:33:28", "orgId": "2fd009eb-170a-4625-932b-17a53af1051f", "shortName": "qnap"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://www.qnap.com/zh-tw/security-advisory/qsa-20-17"}], "solutions": [{"lang": "en", "value": "QNAP has already fixed these issues in QES 2.1.1 Build 20201006 and later."}], "source": {"advisory": "QSA-20-17", "discovery": "EXTERNAL"}, "title": "Stored cross-site scripting vulnerability in QES", "x_generator": {"engine": "Vulnogram 0.0.9"}, "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security@qnap.com", "DATE_PUBLIC": "2020-12-23T05:49:00.000Z", "ID": "CVE-2020-2503", "STATE": "PUBLIC", "TITLE": "Stored cross-site scripting vulnerability in QES"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "QES", "version": {"version_data": [{"platform": "build 20201006", "version_affected": "<", "version_value": "2.1.1"}]}}]}, "vendor_name": "QNAP Systems Inc."}]}}, "credit": [{"lang": "eng", "value": "TIM Security Red Team Research"}], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "If exploited, this stored cross-site scripting vulnerability could allow remote attackers to inject malicious code in File Station. QNAP has already fixed these issues in QES 2.1.1 Build 20201006 and later."}]}, "generator": {"engine": "Vulnogram 0.0.9"}, "impact": {"cvss": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-79 Cross-site Scripting (XSS)"}]}, {"description": [{"lang": "eng", "value": "CWE-80 Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)"}]}, {"description": [{"lang": "eng", "value": "CWE-749 Exposed Dangerous Method or Function"}]}]}, "references": {"reference_data": [{"name": "https://www.qnap.com/zh-tw/security-advisory/qsa-20-17", "refsource": "MISC", "url": "https://www.qnap.com/zh-tw/security-advisory/qsa-20-17"}]}, "solution": [{"lang": "en", "value": "QNAP has already fixed these issues in QES 2.1.1 Build 20201006 and later."}], "source": {"advisory": "QSA-20-17", "discovery": "EXTERNAL"}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T07:09:54.672Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://www.qnap.com/zh-tw/security-advisory/qsa-20-17"}]}]}, "cveMetadata": {"assignerOrgId": "2fd009eb-170a-4625-932b-17a53af1051f", "assignerShortName": "qnap", "cveId": "CVE-2020-2503", "datePublished": "2020-12-24T01:39:08.389271Z", "dateReserved": "2019-12-09T00:00:00", "dateUpdated": "2024-09-17T03:07:20.826Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:qnap:qes:*:*:*:*:*:*:*:*", "matchCriteriaId": "B5DBF31A-5D26-4C7D-8E69-31061FC16C6D", "versionEndExcluding": "2.1.1", "vulnerable": true}, {"criteria": "cpe:2.3:a:qnap:qes:2.1.1:-:*:*:*:*:*:*", "matchCriteriaId": "B075440F-4DEA-494D-AE27-1182CA4889D1", "vulnerable": true}, {"criteria": "cpe:2.3:a:qnap:qes:2.1.1:build_20200211:*:*:*:*:*:*", "matchCriteriaId": "67632014-C383-490C-B048-4DFE88AD3F30", "vulnerable": true}, {"criteria": "cpe:2.3:a:qnap:qes:2.1.1:build_20200303:*:*:*:*:*:*", "matchCriteriaId": "AF83A348-E7B1-4008-8313-9F28B9A9B020", "vulnerable": true}, {"criteria": "cpe:2.3:a:qnap:qes:2.1.1:build_20200319:*:*:*:*:*:*", "matchCriteriaId": "AAF45709-BE55-45A4-8DD1-0D3E417D8382", "vulnerable": true}, {"criteria": "cpe:2.3:a:qnap:qes:2.1.1:build_20200424:*:*:*:*:*:*", "matchCriteriaId": "7C956E79-D019-4AE3-BB65-9A70282CD780", "vulnerable": true}, {"criteria": "cpe:2.3:a:qnap:qes:2.1.1:build_20200515:*:*:*:*:*:*", "matchCriteriaId": "DB21A827-5B92-468F-9BD0-09EB3E8A2ED4", "vulnerable": true}, {"criteria": "cpe:2.3:a:qnap:qes:2.1.1:build_20200811:*:*:*:*:*:*", "matchCriteriaId": "DA11F0F0-236A-4A24-9AF7-DC8E78D5AA3C", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "If exploited, this stored cross-site scripting vulnerability could allow remote attackers to inject malicious code in File Station. QNAP has already fixed these issues in QES 2.1.1 Build 20201006 and later."}, {"lang": "es", "value": "Si se explota, esta vulnerabilidad de tipo cross-site scripting almacenado podr\u00eda permitir a atacantes remotos inyectar c\u00f3digo malicioso en File Station. QNAP ya ha corregido estos problemas en QES versiones 2.1.1 Build 20201006 y posteriores"}], "id": "CVE-2020-2503", "lastModified": "2024-11-21T05:25:22.063", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 3.5, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 6.8, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.0, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.3, "impactScore": 6.0, "source": "security@qnapsecurity.com.tw", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.3, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2020-12-24T02:15:12.547", "references": [{"source": "security@qnapsecurity.com.tw", "tags": ["Vendor Advisory"], "url": "https://www.qnap.com/zh-tw/security-advisory/qsa-20-17"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://www.qnap.com/zh-tw/security-advisory/qsa-20-17"}], "sourceIdentifier": "security@qnapsecurity.com.tw", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-79"}, {"lang": "en", "value": "CWE-80"}, {"lang": "en", "value": "CWE-749"}], "source": "security@qnapsecurity.com.tw", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-79"}], "source": "nvd@nist.gov", "type": "Primary"}]}