CVE-2018-13294

Summary

Information exposure vulnerability in SYNO.Personal.Profile in Synology Application Service before 1.5.4-0320 allows remote authenticated users to obtain sensitive system information via the uid parameter.

Affected Software

VendorProductVersion RangeStatus
SynologyApplication Serviceunspecified < 1.5.4-0320affected

Weaknesses

  • CWE-200: Information Exposure (CWE-200)

ADP Enrichment

CVE Program Container

Additional References

References