Security ID : QSA-24-03
Vulnerability in Qsync Central
Release date : February 3, 2024
CVE identifier : CVE-2023-47564
Affected products: Qsync Central 4.4.x, 4.3.x
Severity
Important
Status
Resolved
Summary
An incorrect permission assignment for critical resource vulnerability has been reported to affect Qsync Central. If exploited, the vulnerability could allow remote attackers who have gained user access to read or modify critical resources.
We have already fixed the vulnerability in the following versions:
| Affected Product | Fixed Version |
| Qsync Central 4.4.x | Qsync Central 4.4.0.15 (2024/01/04) and later |
| Qsync Central 4.3.x | Qsync Central 4.3.0.11 (2024/01/11) and later |
Recommendation
To fix the vulnerability, we recommend updating Qsync Central to the latest version.
Updating Qsync Central
- Log on to QTS or QuTS hero as an administrator.
- Open the App Center and then click
.
A search box appears. - Type "Qsync Central" and then press ENTER.
Qsync Central appears in the search results. - Click Update.
A confirmation message appears.
Note: The Update button is not available if your Qsync Central is already up to date. - Click OK.
The application is updated.
Attachment
Acknowledgements: c411e
Revision History:
V1.0 (February 3, 2024) - Published
