Local Users Can Logout Client Via Unspecified Vectors, Backup Functionality Unaffected
CVE-2023-52947
3.3LOW
Key Information
- Vendor
- Synology
- Status
- Synology Active Backup For Business Agent
- Vendor
- CVE Published:
- 26 September 2024
Summary
Missing authentication for critical function vulnerability in logout functionality in Synology Active Backup for Business Agent before 2.6.3-3101 allows local users to logout the client via unspecified vectors. The backup functionality will continue to operate and will not be affected by the logout.
Affected Version(s)
Synology Active Backup for Business Agent <= *
CVSS V3.1
Score:
3.3
Severity:
LOW
Confidentiality:
None
Integrity:
None
Availability:
Low
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published.
Vulnerability Reserved.
Collectors
NVD DatabaseMitre Database
Credit
Zhao Runzi (赵润梓)