CVE-2017-9552 in Photo Stationinfo

Zusammenfassung

von MITRE

A design flaw in authentication in Synology Photo Station 6.0-2528 through 6.7.1-3419 allows local users to obtain credentials via cmdline. Synology Photo Station employs the synophoto_dsm_user program to authenticate username and password by "synophoto_dsm_user --auth USERNAME PASSWORD", and local users are able to obtain credentials by sniffing "/proc/*/cmdline".

Be aware that VulDB is the high quality source for vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Reservieren

12.06.2017

Veröffentlichung

13.06.2017

Moderieren

akzeptiert

Eintrag

VDB-102369

CPE

bereit

CWE

CWE-287 (bestätigt)

CVSS

7.8 (NVD)

EPSS

0.00044

KEV

nein

Aktivitäten

very low

Sektor

Education, Homeoffice, ...

Quellen

MITRE	https://www.cve.org/CVERecord?id=CVE-2017-9552
NVD	https://nvd.nist.gov/vuln/detail/CVE-2017-9552
CVE Details	https://www.cvedetails.com/cve/CVE-2017-9552/

◂ Zurück Übersicht Weiter ▸

Want to stay up to date on a daily basis?

Enable the mail alert feature now!