CVE-2018-13282
5.6
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
Summary
Session fixation vulnerability in SYNO.PhotoStation.Auth in Synology Photo Station before 6.8.7-3481 allows remote attackers to hijack web sessions via the PHPSESSID parameter.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Synology | Photo Station | unspecified < 6.8.7-3481 | affected |
Weaknesses
- CWE-384: Session Fixation (CWE-384)
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.