4.9
CVE-2024-47269
- EPSS 0.23%
- Veröffentlicht 27.05.2026 08:29:47
- Zuletzt bearbeitet 28.05.2026 18:38:22
- Quelle security@synology.com
- CVE-Watchlists
- Unerledigt
Cleartext transmission of sensitive information vulnerability in Export Key functionality in Synology Surveillance Station before 9.2.2-11575 and 9.2.2-9575 allows remote authenticated users with administrator privileges to obtain sensitive information via unspecified vectors.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Synology ≫ Surveillance Station Version < 9.2.2-11575
Synology ≫ Surveillance Station Version < 9.2.2-11575
Synology ≫ Surveillance Station Version < 9.2.2-9575
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.23% | 0.136 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| security@synology.com | 4.9 | 1.2 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
|
CWE-319 Cleartext Transmission of Sensitive Information
The product transmits sensitive or security-critical data in cleartext in a communication channel that can be sniffed by unauthorized actors.
https://www.synology.com/en-global/security/advisory/Synology_SA_24_25