How severe is CVE-2018-13280?

CVE-2018-13280 has a CVSS v3 score of 7.4 (HIGH).

CVE-2018-13280

Name: diskstation_manager
Author: synology

7.4HIGH

Use of insufficiently random values vulnerability in SYNO.Encryption.GenRandomKey in Synology DiskStation Manager (DSM) before 6.2-23739 allows man-in-the-middle attackers to compromise non-HTTPS sess

发布于: 7/30/2018更新于: 1/14/2025

描述

Use of insufficiently random values vulnerability in SYNO.Encryption.GenRandomKey in Synology DiskStation Manager (DSM) before 6.2-23739 allows man-in-the-middle attackers to compromise non-HTTPS sessions via unspecified vectors.

AI分析AI驱动

受影响产品

synologydiskstation_manager

参考资料

https://www.synology.com/en-global/support/security/Synology_SA_18_39
Vendor Advisory
https://www.synology.com/en-global/support/security/Synology_SA_18_39
Vendor Advisory