安全ID : QSA-23-34
Vulnerability in QcalAgent
发布日期 : January 6, 2024
通用漏洞披露 : CVE-2023-41289
受影响产品: QcalAgent 1.1.x
严重程度
Moderate
状态
已解决
Summary
An OS command injection vulnerability has been reported to affect QcalAgent. If exploited, the vulnerability could allow authenticated users to execute commands via a network.
We have already fixed the vulnerability in the following version:
| Affected Product | Fixed Version |
| QcalAgent 1.1.x | QcalAgent 1.1.8 and later |
Recommendation
To fix the vulnerability, we recommend updating QcalAgent to the latest version.
Updating QcalAgent
- Log on to QTS or QuTS hero as an administrator.
- Open App Center and then click
.
A search box appears. - Type "QcalAgent" and then press ENTER.
QcalAgent appears in the search results. - Click Update.
A confirmation message appears.
Note: The Update button is not available if your QcalAgent is already up to date. - Click OK.
The application is updated.
附件
致谢: lebr0nli (Alan Li)
修订历史:
V1.0 (January 06, 2023) - Published
