CVE-2022-27619

Name of the Vulnerable Software and Affected Versions Synology Note Station Client versions prior to 2.2.2-609

Description The issue concerns a cleartext transmission of sensitive information vulnerability in authentication management. This allows man-in-the-middle attackers to obtain sensitive information via unspecified vectors.

Recommendations For versions prior to 2.2.2-609, update to version 2.2.2-609 or later to resolve the issue. As a temporary workaround, consider restricting access to sensitive information and minimizing the use of unsecured connections until the update is applied.