Vulnerability Details CVE-2017-15891
Improper access control vulnerability in SYNO.Cal.EventBase in Synology Calendar before 2.0.1-0242 allows remote authenticated users to modify calendar event via unspecified vectors.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 33.5%
CVSS Severity
CVSS v3 Score 6.5
CVSS v2 Score 4.0
References
Products affected by CVE-2017-15891
-
cpe:2.3:a:synology:calendar:1.0.0-0121
-
cpe:2.3:a:synology:calendar:1.0.2-0131
-
cpe:2.3:a:synology:calendar:1.0.3-0132
-
cpe:2.3:a:synology:calendar:1.1.0-0146
-
cpe:2.3:a:synology:calendar:2.0.0-0241