Security ID : NAS-201809-27
Security Advisory for PHP Vulnerability
Release date : September 27, 2018
CVE identifier : CVE-2018-7584
Affected products: QTS 4.3.3: build 20180528 and earlier versions
QTS 4.3.4: build 20180528 and earlier versions
Severity
Important
Status
Resolved
Summary
One vulnerability has been discovered on PHP 5.6.33 and earlier versions. This affects QTS 4.3.3 build 20180528, 4.3.4 build 20180528, and their earlier versions.
If successfully exploited, this vulnerability could allow attackers to launch denial-of-service (DoS) attacks.
We have already fixed this issue in the following QTS versions
- QTS 4.3.3: build 20180716 and later
- QTS 4.3.4: build 20180710 and later
Recommendation
To fix this vulnerability, you must update QTS to the latest version.
Installing the QTS Update
- Log on to QTS as administrator.
- Go to Control Panel > System > Firmware Update.
- Under Live Update, click Check for Update.
QTS downloads and installs the latest available update.
Revision History: V1.0 (September 27, 2018) - Published
