CVE-2023-51065

7.5 HIGH

📋 TL;DR

This vulnerability allows unauthenticated attackers to access system backups and sensitive information from QStar Archive Solutions servers. It affects QStar Archive Solutions Release RELEASE_3-0 Build 7 Patch 0 due to improper access control mechanisms. Any organization using this specific version with the server exposed to untrusted networks is vulnerable.

💻 Affected Systems

Products:
  • QStar Archive Solutions
Versions: Release RELEASE_3-0 Build 7 Patch 0
Operating Systems: Not specified, likely multiple
Default Config Vulnerable: ⚠️ Yes
Notes: The vulnerability exists in the specific build mentioned; other versions may or may not be affected.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete compromise of sensitive archived data including system backups, configuration files, and potentially authentication credentials, leading to data exfiltration or system takeover.

🟠 Likely Case

Unauthorized access to system backups and sensitive configuration information, enabling reconnaissance for further attacks or direct data theft.

🟢 If Mitigated

Limited or no impact if proper network segmentation and authentication controls prevent unauthenticated access to the vulnerable service.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

The vulnerability allows unauthenticated access, making exploitation straightforward if the service is reachable.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Not specified in provided references

Vendor Advisory: Not provided in references

Restart Required: No

Instructions:

Check with QStar or Oracle for official patches or updates. Upgrade to a fixed version when available.

🔧 Temporary Workarounds

Network Segmentation

all

Restrict network access to QStar Archive Solutions servers to only trusted IP addresses or internal networks.

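Use firewall rules to block external access to QStar server ports (e.g., iptables -A INPUT -s 0.0.0.0/0 -p tcp --dport [QStar_port] -j DROP on Linux). As written, this rule matches every source address, so rules that accept the trusted addresses must appear before it in the INPUT chain.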

Authentication Enforcement

all

Implement additional authentication layers or ensure the service requires valid credentials for all access.

Configure web server or application-level authentication if supported

🧯 If You Can't Patch

  • Isolate the QStar server on a segmented network with strict access controls.
  • Monitor network traffic and logs for unauthorized access attempts to the QStar service.

🔍 How to Verify

Check if Vulnerable:

Check the QStar Archive Solutions version via the admin interface or configuration files. If it matches RELEASE_3-0 Build 7 Patch 0, it is vulnerable.

Check Version:

Check QStar documentation for version query commands; typically via admin console or configuration files.

Verify Fix Applied:

After applying patches or workarounds, test from an unauthorized network to confirm access is blocked or requires authentication.

📡 Detection & Monitoring

Log Indicators:

  • Unauthenticated access attempts to backup or sensitive data endpoints in QStar logs
  • Unusual file access patterns from unknown IP addresses

Network Indicators:

  • Unencrypted traffic to QStar server ports from external sources
  • HTTP/HTTPS requests to backup-related URLs without authentication headers

SIEM Query:

source="qstar_logs" AND (event_type="access_denied" OR url CONTAINS "/backup/") AND src_ip NOT IN trusted_ips
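
The query above as runnable logic, an added example that is not part of the original page or of any QStar tooling. The field names come from the query; the JSON-lines layout, the trusted ranges and the sample events are constructed assumptions.

```python
import ipaddress
import json

# Assumption: trusted ranges for this deployment (constructed values).
TRUSTED_NETS = [ipaddress.ip_network(n) for n in ("10.20.0.0/16", "192.168.50.0/24")]

# Constructed sample events. Field names follow the SIEM query above; the
# JSON-lines layout is an assumption, not the actual QStar log format.
SAMPLE_LOG = """\
{"ts": "2024-01-10T02:14:07Z", "src_ip": "10.20.4.17", "event_type": "access_granted", "url": "/backup/list"}
{"ts": "2024-01-10T02:15:31Z", "src_ip": "203.0.113.45", "event_type": "access_granted", "url": "/backup/system.tar"}
{"ts": "2024-01-10T02:15:40Z", "src_ip": "198.51.100.9", "event_type": "access_denied", "url": "/admin/status"}
{"ts": "2024-01-10T02:16:02Z", "src_ip": "192.168.50.8", "event_type": "access_denied", "url": "/admin/status"}
not-json garbage line
{"ts": "2024-01-10T02:17:12Z", "src_ip": "bad-address", "event_type": "access_granted", "url": "/Backup/config"}
"""

def is_trusted(src_ip):
    """True only if src_ip parses and falls inside a trusted network."""
    try:
        addr = ipaddress.ip_address(src_ip)
    except ValueError:
        return False  # an unparseable source is treated as untrusted
    return any(addr in net for net in TRUSTED_NETS)

def matches(event):
    """(event_type is access_denied OR url contains /backup/) AND source untrusted."""
    hit = (event.get("event_type") == "access_denied"
           or "/backup/" in str(event.get("url", "")).lower())  # case-insensitive by choice
    return hit and not is_trusted(str(event.get("src_ip", "")))

def scan(log_text):
    """Return (alerts, unparsed_line_count) for a block of JSON-lines log text."""
    alerts, unparsed = [], 0
    for line in log_text.splitlines():
        if not line.strip():
            continue
        try:
            event = json.loads(line)
        except json.JSONDecodeError:
            unparsed += 1  # count malformed lines instead of silently dropping them
            continue
        if isinstance(event, dict) and matches(event):
            alerts.append(event)
    return alerts, unparsed

if __name__ == "__main__":
    found, bad = scan(SAMPLE_LOG)
    print(*found, f"unparsed lines: {bad}", sep="\n")
```

Successful requests to backup paths from untrusted sources are the events that matter most here, since the flaw grants access rather than denying it.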
