Security ID : QSA-23-44
Vulnerability in Container Station
Release date : October 14, 2023
CVE identifier : CVE-2023-32976
Affected products: Container Station 2.6.x
Severity
Moderate
Status
Resolved
Summary
An OS command injection vulnerability has been reported to affect Container Station. If exploited, the vulnerability could allow authenticated administrators to execute arbitrary commands via a network.
We have already fixed the vulnerability in the following version:
| Affected Product | Fixed Version |
| Container Station 2.6.x | Container Station 2.6.7.44 and later |
Recommendation
To fix the vulnerability, we recommend updating Container Station to the latest version.
Updating Container Station
- Log on to QTS or QuTS hero as administrator.
- Open the App Center and then click
.
A search box appears. - Type "Container Station" and then press ENTER.
Container Station appears in the search results. - Click Update.
A confirmation message appears.
Note: The Update button is not available if your Container Station is already up to date. - Click OK.
The application is updated.
Attachment
Acknowledgements: YC of the M1QLin security team
Revision History:
V1.0 (October 14, 2023) - Published
