Lucene search

[email protected]NVD:CVE-2010-3684

HistorySep 29, 2010 - 5:00 p.m.

CVE-2010-3684

2010-09-2917:00:05

CWE-255

[email protected]

web.nvd.nist.gov

2.1 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

5.8 Medium

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

48.6%

JSON

The FTP authentication module in Synology Disk Station 2.x logs passwords to the web application interface in cases of incorrect login attempts, which allows local users to obtain sensitive information by reading a log, a different vulnerability than CVE-2010-2453.

Affected configurations

NVD

Node

synologydsmMatch2.2-0942

synologydsmMatch2.2-1041

synologydsmMatch2.2-1042

synologydsmMatch2.2-1045

synologydsmMatch2.3-1139

synologydsmMatch2.3-1141

synologydsmMatch2.3-1144

synologydsmMatch2.3-1157

synologydsmMatch2.3-1161

AND

synologydisk_station_ds1010\+

synologydisk_station_ds109

synologydisk_station_ds110\+

synologydisk_station_ds110j

synologydisk_station_ds209

synologydisk_station_ds210\+

synologydisk_station_ds210j

synologydisk_station_ds409slim

synologydisk_station_ds410

synologydisk_station_ds410j

synologydisk_station_ds411\+

synologydisk_station_ds710\+

References

www.securityfocus.com/archive/1/513970/100/0/threaded

2.1 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

5.8 Medium

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

48.6%

JSON

Related for NVD:CVE-2010-3684

cvelist2 cve2 prion2 nvd1 securityvulns2 packetstorm1 checkpoint_advisories2