CVE-2021-32514

Published: Jul 7, 2021Modified: Nov 21, 2024

7.5

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Exploitability: 3.9 / Impact: 3.6

Source: twcert@cert.org.tw (Secondary)

Description

Improper access control vulnerability in FirmwareUpgrade in QSAN Storage Manager allows remote attackers to reboot and discontinue the device. The referred vulnerability has been solved with the updated version of QSAN Storage Manager v3.3.3.

Affected (1)

Products: Qsan: Storage Manager

Qsan

1 product

Storage Manager

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Qsan Storage Manager	Before 3.3.3

Related CWEs

CWE-284

Improper Access Control

The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

References (2)

https://www.twcert.org.tw/tw/cp-132-4870-83620-1.html

Source: twcert@cert.org.tw

Third Party Advisory

https://www.twcert.org.tw/tw/cp-132-4870-83620-1.html

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

Timeline

No history available yet.