安全ID : QSA-23-39
Vulnerability in QVPN Device Client for Windows
发布日期 : October 7, 2023
通用漏洞披露 : CVE-2023-23371
受影响产品: QVPN Windows 2.2.x
严重程度
低
状态
已解决
Summary
A cleartext transmission of sensitive information vulnerability has been reported to affect QVPN Device Client for Windows. If exploited, the vulnerability could allow local authenticated administrators to read sensitive data via unspecified vectors.
We have already fixed the vulnerability in the following version:
| Affected Product | Fixed Version |
| QVPN Windows 2.2.x | QVPN Windows 2.2.0.0823 and later |
Recommendation
To secure your device, we recommend regularly updating your QNAP utilities to the latest versions to benefit from vulnerability fixes. You can check the QNAP Utilities page to see the latest updates available for your device operating system.
附件
致谢: Runzi Zhao, Security Researcher, QI-ANXIN
修订历史:
V1.0 (October 07, 2023) - Published
