CVE-2024-32765

{"id": "CVE-2024-32765", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "security@qnapsecurity.com.tw", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.2, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "HIGH", "confidentialityImpact": "LOW"}, "impactScore": 3.4, "exploitabilityScore": 0.8}]}, "published": "2024-08-12T13:38:20.823", "references": [{"url": "https://www.qnap.com/en/security-advisory/qsa-24-14", "tags": ["Vendor Advisory"], "source": "security@qnapsecurity.com.tw"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "security@qnapsecurity.com.tw", "description": [{"lang": "en", "value": "CWE-291"}, {"lang": "en", "value": "CWE-306"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability has been reported to affect Network & Virtual Switch. If exploited, the vulnerability could allow local authenticated administrators to gain access to and execute certain functions via unspecified vectors.\n\nWe have already fixed the vulnerability in the following versions:\nQTS 5.1.8.2823 build 20240712 and later\nQuTS hero h5.1.8.2823 build 20240712 and later"}, {"lang": "es", "value": "Se ha informado que una vulnerabilidad afecta la red y el conmutador virtual. Si se explota, la vulnerabilidad podr\u00eda permitir a los administradores locales autenticados obtener acceso y ejecutar ciertas funciones a trav\u00e9s de vectores no especificados. Ya hemos solucionado la vulnerabilidad en las siguientes versiones: QTS 5.1.8.2823 build 20240712 y posteriores QuTS hero h5.1.8.2823 build 20240712 y posteriores"}], "lastModified": "2025-12-10T22:02:55.677", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:qnap:qts:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B27FBF31-D0FB-40E8-8188-8EE9892AE968", "versionEndExcluding": "5.1.8.2823", "versionStartIncluding": "5.1.0"}, {"criteria": "cpe:2.3:o:qnap:quts_hero:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C925B746-4DB2-47A4-BA5D-40ED9A1F6951", "versionEndExcluding": "h5.1.8.2823", "versionStartIncluding": "h5.1.0"}], "operator": "OR"}]}], "sourceIdentifier": "security@qnapsecurity.com.tw"}