CVE-2024-29228

Missing authorization vulnerability in GetStmUrlPath webapi component in Synology Surveillance Station before 9.2.0-9289 and 9.2.0-11289 allows remote authenticated users to obtain sensitive information via unspecified vectors.
Configurations

No configuration.

History

21 Nov 2024, 09:07

Type Values Removed Values Added
Summary
  • (es) Vulnerabilidad de autorización faltante en el componente webapi GetStmUrlPath en Synology Surveillance Station anterior a 9.2.0-9289 y 9.2.0-11289 permite a usuarios autenticados remotamente obtener información confidencial a través de vectores no especificados.
References () https://www.synology.com/en-global/security/advisory/Synology_SA_24_04 - () https://www.synology.com/en-global/security/advisory/Synology_SA_24_04 -

28 Mar 2024, 07:16

Type Values Removed Values Added
New CVE

Information

Published : 2024-03-28 07:16

Updated : 2024-11-21 09:07


NVD link : CVE-2024-29228

Mitre link : CVE-2024-29228

CVE.ORG link : CVE-2024-29228


JSON object : View

Products Affected

No product.

CWE
CWE-862

Missing Authorization