CVE-2020-2505

If exploited, this vulnerability could allow attackers to gain sensitive information via generation of error messages. QNAP has already fixed these issues in QES 2.1.1 Build 20201006 and later.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
2.3 LOW
LOCAL
LOW
HIGH
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N
qnapCNA
2.3 LOW
LOCAL
LOW
HIGH
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 18%
VendorProductVersion
qnapqes
𝑥
< 2.1.1
qnapqes
2.1.1
qnapqes
2.1.1:build_20200211
qnapqes
2.1.1:build_20200303
qnapqes
2.1.1:build_20200319
qnapqes
2.1.1:build_20200424
qnapqes
2.1.1:build_20200515
qnapqes
2.1.1:build_20200811
𝑥
= Vulnerable software versions