exploitDog

GHSA-fq7w-prpm-xwrj

Опубликовано: 13 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 5.9

Описание

Use of insufficiently random values vulnerability in SYNO.Encryption.GenRandomKey in Synology DiskStation Manager (DSM) before 6.2-23739 allows man-in-the-middle attackers to compromise non-HTTPS sessions via unspecified vectors.

Use of insufficiently random values vulnerability in SYNO.Encryption.GenRandomKey in Synology DiskStation Manager (DSM) before 6.2-23739 allows man-in-the-middle attackers to compromise non-HTTPS sessions via unspecified vectors.

Ссылки

EPSS

Процентиль: 38%

0.00167

Низкий

5.9 Medium

CVSS3

CVE ID

Дефекты

CWE-330

Связанные уязвимости

CVE-2018-13280

CVSS3: 7.4

nvd

больше 7 лет назад

Use of insufficiently random values vulnerability in SYNO.Encryption.GenRandomKey in Synology DiskStation Manager (DSM) before 6.2-23739 allows man-in-the-middle attackers to compromise non-HTTPS sessions via unspecified vectors.

EPSS

Процентиль: 38%

0.00167

Низкий

5.9 Medium

CVSS3

CVE ID

Дефекты

CWE-330