Vulnerability Details CVE-2018-13296
Uncontrolled resource consumption vulnerability in TLS configuration in Synology MailPlus Server before 2.0.5-0606 allows remote attackers to conduct denial-of-service attacks via client-initiated renegotiation.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.007
EPSS Ranking 70.9%
CVSS Severity
CVSS v3 Score 7.5
CVSS v2 Score 5.0
References
Products affected by CVE-2018-13296
-
cpe:2.3:a:synology:mailplus_server:1.0-0182
-
cpe:2.3:a:synology:mailplus_server:1.0-0183
-
cpe:2.3:a:synology:mailplus_server:1.0-0186
-
cpe:2.3:a:synology:mailplus_server:1.0-0190
-
cpe:2.3:a:synology:mailplus_server:1.1.0-0208
-
cpe:2.3:a:synology:mailplus_server:1.1.1-0213
-
cpe:2.3:a:synology:mailplus_server:1.1.2-0250
-
cpe:2.3:a:synology:mailplus_server:1.2.0-0295
-
cpe:2.3:a:synology:mailplus_server:1.2.1-0298
-
cpe:2.3:a:synology:mailplus_server:1.2.2-0301
-
cpe:2.3:a:synology:mailplus_server:1.2.3-0302
-
cpe:2.3:a:synology:mailplus_server:1.3.0-0370
-
cpe:2.3:a:synology:mailplus_server:1.3.2-0373
-
cpe:2.3:a:synology:mailplus_server:1.3.3-0381
-
cpe:2.3:a:synology:mailplus_server:1.3.4-0383
-
cpe:2.3:a:synology:mailplus_server:1.4.0-0415
-
cpe:2.3:a:synology:mailplus_server:1.4.2-0421
-
cpe:2.3:a:synology:mailplus_server:1.4.3-0422
-
cpe:2.3:a:synology:mailplus_server:2.0.1-0532
-
cpe:2.3:a:synology:mailplus_server:2.0.2-0533
-
cpe:2.3:a:synology:mailplus_server:2.0.3-0539