Synology-SA-24:27 DSM
Publish Time: 2024-11-27 14:30:49 UTC+8
Last Updated: 2024-11-27 14:30:49 UTC+8
- Severity
- Important
- Status
- Ongoing
Abstract
A vulnerability allow remote attackers to conduct denial-of-service attacks.
A vulnerability allow remote attackers to obtain sensitive information.
A vulnerability allow remote authenticated users to obtain privileges without consent.
Affected Products
| Product | Severity | Fixed Release Availability |
|---|---|---|
| DSM 7.2.2 | Important | Upgrade to 7.2.2-72806 or above. |
| DSM 7.2.1 | Important | Upgrade to 7.2.1-69057-2 or above. |
| DSM 7.1 | Important | Ongoing |
| DSMUC 3.1 | Important | Upgrade to 3.1.4-23079 or above. |
Mitigation
None
Detail
Reserved
Acknowledgement
Two vulnerabilities were discovered internally by Synology PSIRT.
Vo Van Thong of GE Security (VNG) (https://www.linkedin.com/in/thongvv3/)
Revision
| Revision | Date | Description |
|---|---|---|
| 1 | 2024-11-27 | Initial public release. |