Use of MAC address as an authenticated password in QSAN Storage Manager, XEVO, SANOS allows local attackers to escalate privileges. Suggest contacting with QSAN and refer to recommendations in QSAN Document.
References
Link | Resource |
---|---|
https://www.twcert.org.tw/tw/cp-132-4877-7b696-1.html | Third Party Advisory |
https://www.twcert.org.tw/tw/cp-132-4877-7b696-1.html | Third Party Advisory |
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 06:07
Type | Values Removed | Values Added |
---|---|---|
References | () https://www.twcert.org.tw/tw/cp-132-4877-7b696-1.html - Third Party Advisory | |
CVSS |
v2 : v3 : |
v2 : 7.5
v3 : 7.3 |
22 Jul 2021, 11:15
Type | Values Removed | Values Added |
---|---|---|
Summary | Use of MAC address as an authenticated password in QSAN Storage Manager, XEVO, SANOS allows local attackers to escalate privileges. Suggest contacting with QSAN and refer to recommendations in QSAN Document. |
10 Jul 2021, 03:32
Type | Values Removed | Values Added |
---|---|---|
References | (CONFIRM) https://www.twcert.org.tw/tw/cp-132-4877-7b696-1.html - Third Party Advisory | |
CWE | CWE-798 | |
CVSS |
v2 : v3 : |
v2 : 7.5
v3 : 9.8 |
CPE | cpe:2.3:a:qsan:xevo:*:*:*:*:*:*:*:* cpe:2.3:a:qsan:storage_manager:*:*:*:*:*:*:*:* cpe:2.3:a:qsan:sanos:*:*:*:*:*:*:*:* |
07 Jul 2021, 15:08
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2021-07-07 14:15
Updated : 2024-11-21 06:07
NVD link : CVE-2021-32521
Mitre link : CVE-2021-32521
CVE.ORG link : CVE-2021-32521
JSON object : View
Products Affected
qsan
- storage_manager
- xevo
- sanos