CVE-2023-52947

Name of the Vulnerable Software and Affected Versions Synology Active Backup for Business Agent versions prior to 2.6.3-3101

Description The issue is related to a missing authentication vulnerability in the logout functionality. This allows local users to logout the client via unspecified vectors. The backup functionality will continue to operate and will not be affected by the logout.

Recommendations For versions prior to 2.6.3-3101, update to version 2.6.3-3101 or later to resolve the issue. As a temporary workaround, consider restricting access to the logout function to minimize the risk of exploitation.