PT-2017-12343 · Synology · Synology Photo Station

Published

2017-12-04

Updated

2019-10-09

CVE-2017-12080

CVSS v3.1

5.3

Medium

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Name of the Vulnerable Software and Affected Versions Synology Photo Station versions prior to 6.8.1-3458 Synology Photo Station versions prior to 6.3-2970

Description The issue allows remote attackers to obtain sensitive system information. This is due to an information exposure vulnerability in the default HTTP configuration file.

Recommendations For versions prior to 6.8.1-3458, update to version 6.8.1-3458 or later. For versions prior to 6.3-2970, update to version 6.3-2970 or later.

Fix

Information Disclosure

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-200

Related Identifiers

CVE-2017-12080

Affected Products

Synology Photo Station

PT-2017-12343 · Synology · Synology Photo Station

CVE-2017-12080

Weakness Enumeration

Related Identifiers

Affected Products

References · 3