Vulnerabilities > CVE-2022-22680 - Unspecified vulnerability in Synology Diskstation Manager

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

NONE

Availability impact

NONE

network

low complexity

synology

NVD

Published: 2022-02-07

Updated: 2022-02-10

Summary

Exposure of sensitive information to an unauthorized actor vulnerability in Web Server in Synology DiskStation Manager (DSM) before 7.0.1-42218-2 allows remote attackers to obtain sensitive information via unspecified vectors.

Vulnerable Configurations

Part	Description	Count
Application	Synology Synology Diskstation Manager 6.2 Synology Diskstation Manager 6.2-23739 Synology Diskstation Manager 6.2-23739-1 Synology Diskstation Manager 6.2-23739-2 Synology Diskstation Manager 6.2.1 Synology Diskstation Manager 6.2.1-23824 Synology Diskstation Manager 6.2.1-23824-1 Synology Diskstation Manager 6.2.1-23824-2 Synology Diskstation Manager 6.2.1-23824-3 Synology Diskstation Manager 6.2.1-23824-4 Synology Diskstation Manager 6.2.1-23824-5 Synology Diskstation Manager 6.2.1-23824-6 Synology Diskstation Manager 6.2.2-24922 Synology Diskstation Manager 6.2.3-25426-2 Synology Diskstation Manager 6.2.3-25426-3 Synology Diskstation Manager 6.2.3_25426 Synology Diskstation Manager 6.2.4-25553 Synology Diskstation Manager 6.2.4-25556-2 Synology Diskstation Manager 7.0	19

References

https://www.synology.com/security/advisory/Synology_SA_22_01