How severe is CVE-2018-13280?

CVE-2018-13280 has a CVSS v3 score of 7.4 (HIGH).

CVE-2018-13280

Name: diskstation_manager
Author: synology

7.4HIGH

Use of insufficiently random values vulnerability in SYNO.Encryption.GenRandomKey in Synology DiskStation Manager (DSM) before 6.2-23739 allows man-in-the-middle attackers to compromise non-HTTPS sess

Опубликовано: 7/30/2018Обновлено: 1/14/2025

Описание

Use of insufficiently random values vulnerability in SYNO.Encryption.GenRandomKey in Synology DiskStation Manager (DSM) before 6.2-23739 allows man-in-the-middle attackers to compromise non-HTTPS sessions via unspecified vectors.

ИИ-АнализНа базе ИИ

Затронутые продукты

synologydiskstation_manager

Ссылки

https://www.synology.com/en-global/support/security/Synology_SA_18_39
Vendor Advisory
https://www.synology.com/en-global/support/security/Synology_SA_18_39
Vendor Advisory