Vulnerabilities > CVE-2017-15891 - Unspecified vulnerability in Synology Calendar

CVSS 6.5 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

NONE

Integrity impact

HIGH

Availability impact

NONE

network

low complexity

synology

NVD

Published: 2017-12-08

Updated: 2019-10-09

Summary

Improper access control vulnerability in SYNO.Cal.EventBase in Synology Calendar before 2.0.1-0242 allows remote authenticated users to modify calendar event via unspecified vectors.

Vulnerable Configurations

Part	Description	Count
Application	Synology Synology Calendar 1.0.0-0121 Synology Calendar 1.0.2-0131 Synology Calendar 1.0.3-0132 Synology Calendar 1.1.0-0146 Synology Calendar 2.0.0-0241	5

References

https://www.synology.com/en-global/support/security/Synology_SA_17_68_Calendar