exploitDog

GHSA-4xw8-rvqf-qchf

Опубликовано: 13 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 8.8

Описание

Unverified password change vulnerability in Change Password in Synology DiskStation Manager (DSM) before 6.2-23739 allows remote authenticated users to reset password without verification.

Unverified password change vulnerability in Change Password in Synology DiskStation Manager (DSM) before 6.2-23739 allows remote authenticated users to reset password without verification.

Ссылки

EPSS

Процентиль: 51%

0.0028

Низкий

8.8 High

CVSS3

CVE ID

Дефекты

CWE-620

CWE-640

Связанные уязвимости

CVE-2018-8916

CVSS3: 6.3

nvd

больше 7 лет назад

Unverified password change vulnerability in Change Password in Synology DiskStation Manager (DSM) before 6.2-23739 allows remote authenticated users to reset password without verification.

EPSS

Процентиль: 51%

0.0028

Низкий

8.8 High

CVSS3

CVE ID

Дефекты

CWE-620

CWE-640