CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-52949
https://notcve.org/view.php?id=CVE-2023-52949
26 Sep 2024 — Missing authentication for critical function vulnerability in proxy settings functionality in Synology Active Backup for Business Agent before 2.7.0-3221 allows local users to obtain user credential via unspecified vectors. • https://www.synology.com/en-global/security/advisory/Synology_SA_24_11 • CWE-306: Missing Authentication for Critical Function •
CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-52948
https://notcve.org/view.php?id=CVE-2023-52948
26 Sep 2024 — Missing encryption of sensitive data vulnerability in settings functionality in Synology Active Backup for Business Agent before 2.7.0-3221 allows local users to obtain user credential via unspecified vectors. • https://www.synology.com/en-global/security/advisory/Synology_SA_24_11 • CWE-311: Missing Encryption of Sensitive Data •
CVSS: 4.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-52947
https://notcve.org/view.php?id=CVE-2023-52947
26 Sep 2024 — Missing authentication for critical function vulnerability in logout functionality in Synology Active Backup for Business Agent before 2.6.3-3101 allows local users to logout the client via unspecified vectors. The backup functionality will continue to operate and will not be affected by the logout. • https://www.synology.com/en-global/security/advisory/Synology_SA_24_11 • CWE-306: Missing Authentication for Critical Function •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2023-52950
https://notcve.org/view.php?id=CVE-2023-52950
26 Sep 2024 — Missing encryption of sensitive data vulnerability in login component in Synology Active Backup for Business Agent before 2.7.0-3221 allows adjacent man-in-the-middle attackers to obtain user credential via unspecified vectors. • https://www.synology.com/en-global/security/advisory/Synology_SA_24_11 • CWE-311: Missing Encryption of Sensitive Data •