Vulnerabilities (CVE)

Filtered by vendor Seagate Subscribe

Filtered by product Nas Os

CVSS v3 Filter

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 3 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2018-12296	1 Seagate	1 Nas Os	2019-10-03	5.0 MEDIUM	7.5 HIGH
Insufficient access control in /api/external/7.0/system.System.get_infos in Seagate NAS OS version 4.3.15.1 allows attackers to obtain information about the NAS without authentication via empty POST requests.
CVE-2018-12301	1 Seagate	1 Nas Os	2019-05-13	5.0 MEDIUM	7.5 HIGH
Unvalidated URL in Download Manager in Seagate NAS OS version 4.3.15.1 allows attackers to access the loopback interface via a Download URL of 127.0.0.1 or localhost.
CVE-2018-12298	1 Seagate	1 Nas Os	2019-05-13	5.0 MEDIUM	7.5 HIGH
Directory Traversal in filebrowser in Seagate NAS OS 4.3.15.1 allows attackers to read files within the application's container via a URL path.