N/A

Synology DiskStation Manager (DSM) before 6.2.3-25426-2 does not set the Secure flag for the session cookie in an HTTPS session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an HTTP session.

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:L

HTTPS会话中未设置’Secure’属性的敏感Cookie

Synology DiskStation Manager 安全漏洞

Synology DiskStation Manager(DSM)是中国台湾(DSM)等都是中国台湾群晖科技(Synology)公司的产品。Synology DiskStation Manager是一套用于网络储存服务器（NAS）上的操作系统。HTTPS(Hypertext Transfer Protocol Secure,超文本传输安全协议)等都是的产品。HTTPS是一种网络安全传输协议，Debian计划 apt等都是Debian计划(Debian计划)合作组织的产品。apt是一个命令行软件包管理器，

N/A

N/A