How severe is CVE-2018-13280?

CVE-2018-13280 has a CVSS v3 score of 7.4 (HIGH).

CVE-2018-13280

Name: diskstation_manager
Author: synology

7.4HIGH

Use of insufficiently random values vulnerability in SYNO.Encryption.GenRandomKey in Synology DiskStation Manager (DSM) before 6.2-23739 allows man-in-the-middle attackers to compromise non-HTTPS sess

Publicado: 7/30/2018Actualizado: 1/14/2025

Descripción

Use of insufficiently random values vulnerability in SYNO.Encryption.GenRandomKey in Synology DiskStation Manager (DSM) before 6.2-23739 allows man-in-the-middle attackers to compromise non-HTTPS sessions via unspecified vectors.

Análisis IAImpulsado por IA

Productos Afectados

synologydiskstation_manager

Referencias

https://www.synology.com/en-global/support/security/Synology_SA_18_39
Vendor Advisory
https://www.synology.com/en-global/support/security/Synology_SA_18_39
Vendor Advisory