Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Improper certificate validation vulnerability in the LDAP utilities in Synology DiskStation Manager (DSM) before 7.1.1-42962-8, 7.2.1-69057-7 and 7.2.2-72806-3 allows man-in-the-middle attackers to hijack the authentication of administrators via unspecified vectors.
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
Vulnerability Type
证书验证不恰当
Vulnerability Title
Synology DiskStation Manager 信任管理问题漏洞
Vulnerability Description
Synology DiskStation Manager(DSM)是中国群晖(Synology)公司的一套用于网络储存服务器(NAS)上的操作系统。该操作系统可管理资料、文件、照片、音乐等信息。 Synology DiskStation Manager 7.1.1-42962-8之前版本、7.2.1-69057-7之前版本和7.2.2-72806-3之前版本存在信任管理问题漏洞,该漏洞源于LDAP工具证书验证不当,可能导致中间人攻击者劫持管理员身份验证。
CVSS Information
N/A
Vulnerability Type
N/A