Vulnerability Details CVE-2019-7184
This cross-site scripting (XSS) vulnerability in Video Station allows remote attackers to inject and execute scripts on the administrator’s management console. To fix this vulnerability, QNAP recommend updating Video Station to their latest versions.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 43.5%
CVSS Severity
CVSS v3 Score 4.8
CVSS v2 Score 3.5
References
Products affected by CVE-2019-7184
-
cpe:2.3:a:qnap:video_station:-
-
cpe:2.3:a:qnap:video_station:2.1.4
-
cpe:2.3:a:qnap:video_station:2.3.0
-
cpe:2.3:a:qnap:video_station:2.3.1
-
cpe:2.3:a:qnap:video_station:2.3.3
-
cpe:2.3:a:qnap:video_station:2.3.4
-
cpe:2.3:a:qnap:video_station:2.4.1
-
cpe:2.3:a:qnap:video_station:2.4.3
-
cpe:2.3:a:qnap:video_station:2.4.4
-
cpe:2.3:a:qnap:video_station:2.5.0
-
cpe:2.3:a:qnap:video_station:2.5.1
-
cpe:2.3:a:qnap:video_station:2.5.2
-
cpe:2.3:a:qnap:video_station:2.5.3
-
cpe:2.3:a:qnap:video_station:2.5.5
-
cpe:2.3:a:qnap:video_station:2.5.6
-
cpe:2.3:a:qnap:video_station:5.0.0
-
cpe:2.3:a:qnap:video_station:5.0.1
-
cpe:2.3:a:qnap:video_station:5.0.2
-
cpe:2.3:a:qnap:video_station:5.0.3
-
cpe:2.3:a:qnap:video_station:5.1.0
-
cpe:2.3:a:qnap:video_station:5.1.1
-
cpe:2.3:a:qnap:video_station:5.1.2
-
cpe:2.3:a:qnap:video_station:5.1.3
-
cpe:2.3:a:qnap:video_station:5.1.4
-
cpe:2.3:a:qnap:video_station:5.1.6
-
cpe:2.3:a:qnap:video_station:5.1.7
-
cpe:2.3:a:qnap:video_station:5.1.8
-
cpe:2.3:a:qnap:video_station:5.2.0
-
cpe:2.3:a:qnap:video_station:5.3.0
-
cpe:2.3:a:qnap:video_station:5.3.1
-
cpe:2.3:a:qnap:video_station:5.3.12
-
cpe:2.3:a:qnap:video_station:5.3.15
-
cpe:2.3:a:qnap:video_station:5.3.2
-
cpe:2.3:a:qnap:video_station:5.3.3
-
cpe:2.3:a:qnap:video_station:5.3.4
-
cpe:2.3:a:qnap:video_station:5.3.5
-
cpe:2.3:a:qnap:video_station:5.3.6
-
cpe:2.3:a:qnap:video_station:5.3.7
-
cpe:2.3:a:qnap:video_station:5.3.8
-
cpe:2.3:a:qnap:video_station:5.4.0
-
cpe:2.3:a:qnap:video_station:5.4.1
-
cpe:2.3:a:qnap:video_station:5.4.2
-
cpe:2.3:o:qnap:qts:4.3.4
-
cpe:2.3:o:qnap:qts:4.3.4.0358
-
cpe:2.3:o:qnap:qts:4.3.4.0370
-
cpe:2.3:o:qnap:qts:4.3.4.0372
-
cpe:2.3:o:qnap:qts:4.3.4.0374
-
cpe:2.3:o:qnap:qts:4.3.4.0387
-
cpe:2.3:o:qnap:qts:4.3.4.0411
-
cpe:2.3:o:qnap:qts:4.3.4.0416
-
cpe:2.3:o:qnap:qts:4.3.4.0427
-
cpe:2.3:o:qnap:qts:4.3.4.0434
-
cpe:2.3:o:qnap:qts:4.3.4.0435
-
cpe:2.3:o:qnap:qts:4.3.4.0451
-
cpe:2.3:o:qnap:qts:4.3.4.0483
-
cpe:2.3:o:qnap:qts:4.3.4.0486
-
cpe:2.3:o:qnap:qts:4.3.4.0506
-
cpe:2.3:o:qnap:qts:4.3.4.0516
-
cpe:2.3:o:qnap:qts:4.3.4.0526
-
cpe:2.3:o:qnap:qts:4.3.4.0551
-
cpe:2.3:o:qnap:qts:4.3.4.0557
-
cpe:2.3:o:qnap:qts:4.3.4.0561
-
cpe:2.3:o:qnap:qts:4.3.4.0569
-
cpe:2.3:o:qnap:qts:4.3.4.0593
-
cpe:2.3:o:qnap:qts:4.3.4.0597
-
cpe:2.3:o:qnap:qts:4.3.4.0604
-
cpe:2.3:o:qnap:qts:4.3.4.0899
-
cpe:2.3:o:qnap:qts:4.3.4.1029
-
cpe:2.3:o:qnap:qts:4.3.4.1082
-
cpe:2.3:o:qnap:qts:4.3.4.1190
-
cpe:2.3:o:qnap:qts:4.3.4.1282
-
cpe:2.3:o:qnap:qts:4.3.4.1368
-
cpe:2.3:o:qnap:qts:4.3.4.1417
-
cpe:2.3:o:qnap:qts:4.3.4.1463
-
cpe:2.3:o:qnap:qts:4.3.4.1632
-
cpe:2.3:o:qnap:qts:4.3.4.1652
-
cpe:2.3:o:qnap:qts:4.3.4.1976
-
cpe:2.3:o:qnap:qts:4.3.4.2107
-
cpe:2.3:o:qnap:qts:4.3.4.2242
-
cpe:2.3:o:qnap:qts:4.3.4.2451
-
cpe:2.3:o:qnap:qts:4.3.4.2675
-
cpe:2.3:o:qnap:qts:4.3.4.2814
-
cpe:2.3:o:qnap:qts:4.3.5
-
cpe:2.3:o:qnap:qts:4.3.6
-
cpe:2.3:o:qnap:qts:4.3.6.0895
-
cpe:2.3:o:qnap:qts:4.3.6.0907
-
cpe:2.3:o:qnap:qts:4.3.6.0923
-
cpe:2.3:o:qnap:qts:4.3.6.0944
-
cpe:2.3:o:qnap:qts:4.3.6.0959
-
cpe:2.3:o:qnap:qts:4.3.6.0979
-
cpe:2.3:o:qnap:qts:4.3.6.0993
-
cpe:2.3:o:qnap:qts:4.3.6.1013
-
cpe:2.3:o:qnap:qts:4.3.6.1033
-
cpe:2.3:o:qnap:qts:4.3.6.1070
-
cpe:2.3:o:qnap:qts:4.3.6.1154
-
cpe:2.3:o:qnap:qts:4.3.6.1218
-
cpe:2.3:o:qnap:qts:4.3.6.1263
-
cpe:2.3:o:qnap:qts:4.3.6.1286
-
cpe:2.3:o:qnap:qts:4.3.6.1333
-
cpe:2.3:o:qnap:qts:4.3.6.1411
-
cpe:2.3:o:qnap:qts:4.3.6.1446
-
cpe:2.3:o:qnap:qts:4.3.6.1620
-
cpe:2.3:o:qnap:qts:4.3.6.1663
-
cpe:2.3:o:qnap:qts:4.3.6.1711
-
cpe:2.3:o:qnap:qts:4.3.6.1750
-
cpe:2.3:o:qnap:qts:4.3.6.1831
-
cpe:2.3:o:qnap:qts:4.3.6.1907
-
cpe:2.3:o:qnap:qts:4.3.6.1965
-
cpe:2.3:o:qnap:qts:4.3.6.2050
-
cpe:2.3:o:qnap:qts:4.3.6.2232
-
cpe:2.3:o:qnap:qts:4.3.6.2441
-
cpe:2.3:o:qnap:qts:4.3.6.2665
-
cpe:2.3:o:qnap:qts:4.3.6.2805
-
cpe:2.3:o:qnap:qts:4.4.0
-
cpe:2.3:o:qnap:qts:4.4.1