Vulnerability Details CVE-2022-49038
Inclusion of functionality from untrusted control sphere vulnerability in OpenSSL DLL component in Synology Drive Client before 3.3.0-15082 allows local users to execute arbitrary code via unspecified vectors.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 10.8%
CVSS Severity
CVSS v3 Score 7.8
Products affected by CVE-2022-49038
-
cpe:2.3:a:synology:drive_client:-
-
cpe:2.3:a:synology:drive_client:1.0.0-10240
-
cpe:2.3:a:synology:drive_client:1.0.1-10253
-
cpe:2.3:a:synology:drive_client:1.0.2-10275
-
cpe:2.3:a:synology:drive_client:1.0.3-10281
-
cpe:2.3:a:synology:drive_client:1.1.0-10544
-
cpe:2.3:a:synology:drive_client:1.1.1-10551
-
cpe:2.3:a:synology:drive_client:1.1.2-10562
-
cpe:2.3:a:synology:drive_client:1.1.3-10570
-
cpe:2.3:a:synology:drive_client:1.1.4-10580
-
cpe:2.3:a:synology:drive_client:2.0.0-11050
-
cpe:2.3:a:synology:drive_client:2.0.1-11061
-
cpe:2.3:a:synology:drive_client:2.0.2-11076
-
cpe:2.3:a:synology:drive_client:2.0.2-11078
-
cpe:2.3:a:synology:drive_client:2.0.3-11102
-
cpe:2.3:a:synology:drive_client:2.0.4-11112
-
cpe:2.3:a:synology:drive_client:3.0.0-12663
-
cpe:2.3:a:synology:drive_client:3.0.1-12664
-
cpe:2.3:a:synology:drive_client:3.0.1-12667
-
cpe:2.3:a:synology:drive_client:3.0.1-12674
-
cpe:2.3:a:synology:drive_client:3.0.2-12682
-
cpe:2.3:a:synology:drive_client:3.0.3-12689
-
cpe:2.3:a:synology:drive_client:3.1.0-12920
-
cpe:2.3:a:synology:drive_client:3.1.0-12923
-
cpe:2.3:a:synology:drive_client:3.2.0-13232
-
cpe:2.3:a:synology:drive_client:3.2.0-13238
-
cpe:2.3:a:synology:drive_client:3.2.0-13258
-
cpe:2.3:a:synology:drive_client:3.2.1-13271
-
cpe:2.3:a:synology:drive_client:3.2.1-13272