CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2017-9552

A design flaw in authentication in Synology Photo Station 6.0-2528 through 6.7.1-3419 allows local users to obtain credentials via cmdline. Synology Photo Station employs the synophoto_dsm_user program to authenticate username and password by "synophoto_dsm_user --auth USERNAME PASSWORD", and local users are able to obtain credentials by sniffing "/proc/*/cmdline".

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 12.9%

CVSS Severity

CVSS v3 Score 7.8

CVSS v2 Score 2.1

References

Products affected by CVE-2017-9552

Synology » Photo Station » Version: 6.0-2528

cpe:2.3:a:synology:photo_station:6.0-2528
Synology » Photo Station » Version: 6.0-2636

cpe:2.3:a:synology:photo_station:6.0-2636
Synology » Photo Station » Version: 6.0-2638

cpe:2.3:a:synology:photo_station:6.0-2638
Synology » Photo Station » Version: 6.0-2639

cpe:2.3:a:synology:photo_station:6.0-2639
Synology » Photo Station » Version: 6.0-2640

cpe:2.3:a:synology:photo_station:6.0-2640
Synology » Photo Station » Version: 6.3-2944

cpe:2.3:a:synology:photo_station:6.3-2944
Synology » Photo Station » Version: 6.3-2958

cpe:2.3:a:synology:photo_station:6.3-2958
Synology » Photo Station » Version: 6.3-2960

cpe:2.3:a:synology:photo_station:6.3-2960
Synology » Photo Station » Version: 6.3-2962

cpe:2.3:a:synology:photo_station:6.3-2962
Synology » Photo Station » Version: 6.3-2963

cpe:2.3:a:synology:photo_station:6.3-2963
Synology » Photo Station » Version: 6.3-2964

cpe:2.3:a:synology:photo_station:6.3-2964
Synology » Photo Station » Version: 6.3-2965

cpe:2.3:a:synology:photo_station:6.3-2965
Synology » Photo Station » Version: 6.4-3166

cpe:2.3:a:synology:photo_station:6.4-3166
Synology » Photo Station » Version: 6.5.0-3218

cpe:2.3:a:synology:photo_station:6.5.0-3218
Synology » Photo Station » Version: 6.5.1-3223

cpe:2.3:a:synology:photo_station:6.5.1-3223
Synology » Photo Station » Version: 6.5.2-3225

cpe:2.3:a:synology:photo_station:6.5.2-3225
Synology » Photo Station » Version: 6.5.3-3226

cpe:2.3:a:synology:photo_station:6.5.3-3226
Synology » Photo Station » Version: 6.6.0-3339

cpe:2.3:a:synology:photo_station:6.6.0-3339
Synology » Photo Station » Version: 6.6.1-3345

cpe:2.3:a:synology:photo_station:6.6.1-3345
Synology » Photo Station » Version: 6.6.1-3346

cpe:2.3:a:synology:photo_station:6.6.1-3346
Synology » Photo Station » Version: 6.6.2-3346

cpe:2.3:a:synology:photo_station:6.6.2-3346
Synology » Photo Station » Version: 6.6.3-3347

cpe:2.3:a:synology:photo_station:6.6.3-3347
Synology » Photo Station » Version: 6.7.0-3414

cpe:2.3:a:synology:photo_station:6.7.0-3414
Synology » Photo Station » Version: 6.7.1-3419

cpe:2.3:a:synology:photo_station:6.7.1-3419

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2017-9552

Products

Pricing

Contact Us