CVE-2024-38647

HIGH

QNAP AI Core <3.4.1 - Info Disclosure

Title source: llm
STIX 2.1

Description

An exposure of sensitive information vulnerability has been reported to affect QNAP AI Core. If exploited, the vulnerability could allow remote attackers to compromise the security of the system. We have already fixed the vulnerability in the following version: QNAP AI Core 3.4.1 and later

References (1)

Core 1
Core References

Scores

CVSS v3 7.5
EPSS 0.0064
EPSS Percentile 46.6%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CISA SSVC

Vulnrichment
Exploitation none
Automatable yes
Technical Impact total

Details

CWE
CWE-200 CWE-540
Status published
Products (1)
qnap/ai_core 3.4.0
Published Nov 22, 2024
Tracked Since Feb 18, 2026