CVE-2018-19944
Cleartext Transmission of Sensitive Information in SNMP
Vexday Risk Score
3Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS —EPSS 0.8%KEV nãoPoC —Nuclei —Metasploit —Patch —
Lifecycle
31 Dec 2020Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
A cleartext transmission of sensitive information vulnerability has been reported to affect certain QTS devices. If exploited, this vulnerability allows a remote attacker to gain access to sensitive information. QNAP have already fixed this vulnerability in the following versions: QTS 4.4.3.1354 build 20200702 (and later)
Affected products
QNAP Systems Inc. · QTSWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →