Headline
CVE-2023-32976: Vulnerability in Container Station - Security Advisory
An OS command injection vulnerability has been reported to affect Container Station. If exploited, the vulnerability could allow authenticated administrators to execute commands via a network.
We have already fixed the vulnerability in the following version: Container Station 2.6.7.44 and later
Security ID : QSA-23-44
Release date : October 14, 2023
CVE identifier : CVE-2023-32976
Affected products: Container Station 2.6.x
Summary
An OS command injection vulnerability has been reported to affect Container Station. If exploited, the vulnerability could allow authenticated administrators to execute arbitrary commands via a network.
We have already fixed the vulnerability in the following version:
Affected Product
Fixed Version
Container Station 2.6.x
Container Station 2.6.7.44 and later
Recommendation
To fix the vulnerability, we recommend updating Container Station to the latest version.
Updating Container Station
- Log on to QTS or QuTS hero as administrator.
- Open the App Center and then click .
A search box appears. - Type “Container Station” and then press ENTER.
Container Station appears in the search results. - Click Update.
A confirmation message appears.
Note: The Update button is not available if your Container Station is already up to date. - Click OK.
The application is updated.
Attachment
- CVE-2023-32976.json
Acknowledgements: YC of the M1QLin security team
Revision History:
V1.0 (October 14, 2023) - Published