Home
MEDIUM: 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:NDefault status
affected
* (semver) before 1.0.1-1100
affected
Description
A use of get request method with sensitive query strings vulnerability in volume encryption of Synology Storage Manager package before 1.0.1-1100 allows local users on Windows to obtain sensitive information.
Problem types
Use of GET Request Method With Sensitive Query Strings
Product status
* (semver) before 1.0.1-1100
Credits
Simon Baaske (Serviceware)
References
www.synology.com/...obal/security/advisory/Synology_SA_26_01 (Synology-SA-26:01 Storage Manager)