CVE-2017-16766 - OpenCVE

An improper access control vulnerability in synodsmnotify in Synology DiskStation Manager (DSM) before 6.1.4-15217 and before 6.0.3-8754-6 allows local users to inject arbitrary web script or HTML via the -fn option.

No CVSS v3.1

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact Low

Integrity Impact Low

Availability Impact None

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact None

AV:N/AC:L/Au:N/C:P/I:P/A:N

Vendors & Products
CPE Configurations

Vendors	Products
Synology	Diskstation Manager

Configuration 1 [-]

OR	cpe:2.3:a:synology:diskstation_manager::::::::
	cpe:2.3:a:synology:diskstation_manager::::::::

References

Link	Resource
https://www.synology.com/en-global/support/security/Synology_SA_17_74	Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: synology

Published: 2017-11-24T00:00:00

Updated: 2017-12-22T13:57:01

Reserved: 2017-11-10T00:00:00

Link: CVE-2017-16766

JSON object: View

NVD Information

Status : Modified

Published: 2017-12-22T14:29:13.297

Modified: 2019-10-09T23:25:17.973

Link: CVE-2017-16766

JSON object: View

Redhat Information

No data.

CWE

{"containers": {"cna": {"affected": [{"product": "DiskStation Manager (DSM)", "vendor": "Synology", "versions": [{"status": "affected", "version": "before 6.1.4-15217"}, {"status": "affected", "version": "before 6.0.3-8754-6"}]}], "datePublic": "2017-11-24T00:00:00", "descriptions": [{"lang": "en", "value": "An improper access control vulnerability in synodsmnotify in Synology DiskStation Manager (DSM) before 6.1.4-15217 and before 6.0.3-8754-6 allows local users to inject arbitrary web script or HTML via the -fn option."}], "problemTypes": [{"descriptions": [{"cweId": "CWE-284", "description": "Improper Access Control (CWE-284)", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2017-12-22T13:57:01", "orgId": "db201096-a0cc-46c7-9a55-61d9e221bf01", "shortName": "synology"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://www.synology.com/en-global/support/security/Synology_SA_17_74"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security@synology.com", "DATE_PUBLIC": "2017-11-24T00:00:00", "ID": "CVE-2017-16766", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "DiskStation Manager (DSM)", "version": {"version_data": [{"version_value": "before 6.1.4-15217"}, {"version_value": "before 6.0.3-8754-6"}]}}]}, "vendor_name": "Synology"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "An improper access control vulnerability in synodsmnotify in Synology DiskStation Manager (DSM) before 6.1.4-15217 and before 6.0.3-8754-6 allows local users to inject arbitrary web script or HTML via the -fn option."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Improper Access Control (CWE-284)"}]}]}, "references": {"reference_data": [{"name": "https://www.synology.com/en-global/support/security/Synology_SA_17_74", "refsource": "CONFIRM", "url": "https://www.synology.com/en-global/support/security/Synology_SA_17_74"}]}}}}, "cveMetadata": {"assignerOrgId": "db201096-a0cc-46c7-9a55-61d9e221bf01", "assignerShortName": "synology", "cveId": "CVE-2017-16766", "datePublished": "2017-11-24T00:00:00", "dateReserved": "2017-11-10T00:00:00", "dateUpdated": "2017-12-22T13:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:synology:diskstation_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "1C8FA193-8413-412E-BA6C-3FD0334000A5", "versionEndExcluding": "6.0.3-8754-6", "versionStartIncluding": "6.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:synology:diskstation_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "1D3D2A10-BD20-45FF-918F-6304820B6EBD", "versionEndExcluding": "6.1.4-15217", "versionStartIncluding": "6.1.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "An improper access control vulnerability in synodsmnotify in Synology DiskStation Manager (DSM) before 6.1.4-15217 and before 6.0.3-8754-6 allows local users to inject arbitrary web script or HTML via the -fn option."}, {"lang": "es", "value": "Una vulnerabilidad de control de acceso incorrecto en synodsmnotify en Synology DiskStation Manager (DSM), en versiones anteriores a la 6.1.4-15217 y anteriores a la 6.0.3-8754-6, permite que usuarios locales inyecten scripts web o HTML arbitrarios mediante la opci\u00f3n -fn."}], "id": "CVE-2017-16766", "lastModified": "2019-10-09T23:25:17.973", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 6.4, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 4.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 2.5, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2017-12-22T14:29:13.297", "references": [{"source": "security@synology.com", "tags": ["Vendor Advisory"], "url": "https://www.synology.com/en-global/support/security/Synology_SA_17_74"}], "sourceIdentifier": "security@synology.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-74"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-284"}], "source": "security@synology.com", "type": "Secondary"}]}