Synology-SA-17:78 Chat
Publish Time: 2017-12-18 11:16:12 UTC+8
Last Updated: 2017-12-28 10:06:23 UTC+8
- Severity
- Moderate
- Status
- Resolved
Abstract
These are multiple vulnerabilities allowing remote authenticated users to access intranet resources and inject arbitrary web scripts and HTML code via a susceptible version of Chat.
Updates for Affected Products
| Product | Severity | Latest Patch |
|---|---|---|
| Chat | Moderate | Upgrade to 2.0.0-1124 or above. |
Mitigation
None
Detail
CVE-2017-15886
- Severity: Moderate
- CVSS3 Base Score: 6.4
- CVSS3 Vector: CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
- Server-side request forgery (SSRF) vulnerability in Link Preview in Synology Chat before 2.0.0-1124 allows remote authenticated users to download arbitrary local files via crafted URI.
CVE-2017-15892
- Severity: Moderate
- CVSS3 Base Score: 4.4
- CVSS3 Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:N
- Multiple cross-site scripting (XSS) vulnerability in Slash Command Creator in Synology Chat before 2.0.0-1124 allows remote authenticated users to inject arbitrary web script or HTML via (1) COMMAND, (2) COMMANDS INSTRUCTION, or (3) DESCRIPTION parameter.
Revision History
| Revision | Date | Description |
|---|---|---|
| 1 | 2017-12-18 | Initial public release. |
| 2 | 2017-12-28 | Disclosed vulnerability details. |