Authorization bypass through user-controlled key vulnerability in streaming service in Synology Media Server before 1.4-2680, 2.0.5-3152 and 2.2.0-3325 allows remote attackers to read specific files via unspecified vectors.
Metrics
Affected Vendors & Products
References
History
Wed, 18 Dec 2024 17:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Wed, 18 Dec 2024 06:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | Authorization bypass through user-controlled key vulnerability in streaming service in Synology Media Server before 1.4-2680, 2.0.5-3152 and 2.2.0-3325 allows remote attackers to read specific files via unspecified vectors. | |
Weaknesses | CWE-639 | |
References |
| |
Metrics |
cvssV3_1
|
MITRE
Status: PUBLISHED
Assigner: synology
Published: 2024-12-18T06:00:18.463Z
Updated: 2024-12-18T16:21:15.401Z
Reserved: 2024-05-03T08:17:45.842Z
Link: CVE-2024-4464
Vulnrichment
Updated: 2024-12-18T16:20:56.230Z
NVD
Status : Received
Published: 2024-12-18T06:15:23.587
Modified: 2024-12-18T06:15:23.587
Link: CVE-2024-4464
Redhat
No data.