Security ID : QSA-24-40
Vulnerability in QNAP AI Core
Release date : November 23, 2024
CVE identifier : CVE-2024-38647
Affected products: QNAP AI Core 3.4.x
Severity
Important
Status
Resolved
Summary
An exposure of sensitive information vulnerability has been reported to affect QNAP AI Core. If exploited, the vulnerability could allow remote attackers to compromise the security of the system.
We have already fixed the vulnerability in the following version:
| Affected Product | Fixed Version |
| QNAP AI Core 3.4.x | QNAP AI Core 3.4.1 and later |
Recommendation
To fix the vulnerability, we recommend updating QNAP AI Core to the latest version.
Updating QNAP AI Core
- Log on to QTS or QuTS hero as an administrator.
- Open App Center and then click
.
A search box appears. - Type "QNAP AI Core" and then press ENTER.
QNAP AI Core appears in the search results. - Click Update.
A confirmation message appears.
Note: The Update button is not available if your QNAP AI Core is already up to date. - Click OK.
The application is updated.
Attachment
Acknowledgements: Thomas Fady
Revision History:
V1.0 (November 23, 2024) - Published
