Security ID : QSA-24-38

Vulnerabilities in CUPS Affecting UNIX Systems

Release date : October 1, 2024
CVE identifier : CVE-2024-47076 | CVE-2024-47175 | CVE-2024-47176 | CVE-2024-47177
Not affected products: QTS 5.1.x, 5.2.x; QuTS hero h5.1.x, h5.2.x; QuTScloud c5.x
Affected products: None

Severity

None

Status

Not Affected

Summary

A recent blog post disclosed potential vulnerabilities in the Common UNIX Printing System (CUPS), which could impact UNIX-based operating systems by allowing privilege escalation and unauthorized access to affected systems. This disclosure is part of an ongoing series detailing various attack scenarios against CUPS.

After conducting a thorough investigation, QNAP has determined that the following products are not affected by this vulnerability:

QTS 5.1.x and 5.2.x
QuTS hero h5.1.x and h5.2.x
QuTScloud c5.x

The listed products do not include the vulnerable CUPS components or configurations mentioned in the report.

Revision History: V1.0 (October 1, 2024) - Published initial advisory based on the disclosed information.

Storage

Networking

Expansion Accessories

Surveillance

NAS

Networking

Surveillance

Summary

Choose Your Country or Region

Asia

Europe

America

Global