Synology DiskStation Manager Missing Authentication for Critical Function (CVE-2022-27623)

critical Tenable OT Security Plugin ID 502403

Version 1.2

Oct 2, 2024, 7:02 AM

  • CVSS metrics ("CVSSv2 score" set to 9.4)
  • CVSS metrics ("CVSSv2 vector" set to "CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:N")
  • CVSS temporal metrics ("CVSSv2 temporal vector" set to "CVSS2#E:U/RL:OF/RC:C")
  • CVSS temporal metrics ("CVSSv3 temporal vector" set to "CVSS:3.0/E:U/RL:O/RC:C")
  • Exploit attributes ("Exploit available" set to "False")

Plugin Feed: 202410020702

Version 1.1

Oct 1, 2024, 9:12 AM

  • New

Plugin Feed: 202410010912

* Changelogs are generally available for changes made after Nov 1, 2022