Shodan
Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2020-2499

A hard-coded password vulnerability has been reported to affect earlier versions of QES. If exploited, this vulnerability could allow attackers to log in with a hard-coded password. QNAP has already fixed the issue in QES 2.1.1 Build 20200515 and later.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 33.6%
CVSS Severity
CVSS v3 Score 6.3
CVSS v2 Score 4.0
Products affected by CVE-2020-2499
  • Qnap » Qes » Version: 1.1.4
    cpe:2.3:a:qnap:qes:1.1.4
  • Qnap » Qes » Version: 2.0.0
    cpe:2.3:a:qnap:qes:2.0.0
  • Qnap » Qes » Version: 2.1.0
    cpe:2.3:a:qnap:qes:2.1.0
  • Qnap » Qes » Version: 2.1.1
    cpe:2.3:a:qnap:qes:2.1.1


Products
Pricing
Contact Us

Shodan ® - All rights reserved