How severe is CVE-2018-13280?

CVE-2018-13280 has a CVSS v3 score of 7.4 (HIGH).

CVE-2018-13280

Name: diskstation_manager
Author: synology

7.4HIGH

Use of insufficiently random values vulnerability in SYNO.Encryption.GenRandomKey in Synology DiskStation Manager (DSM) before 6.2-23739 allows man-in-the-middle attackers to compromise non-HTTPS sess

公開日: 7/30/2018更新日: 1/14/2025

説明

Use of insufficiently random values vulnerability in SYNO.Encryption.GenRandomKey in Synology DiskStation Manager (DSM) before 6.2-23739 allows man-in-the-middle attackers to compromise non-HTTPS sessions via unspecified vectors.

AI分析AIによる分析

影響を受ける製品

synologydiskstation_manager

参照

https://www.synology.com/en-global/support/security/Synology_SA_18_39
Vendor Advisory
https://www.synology.com/en-global/support/security/Synology_SA_18_39
Vendor Advisory