Vulnerability Details : CVE-2020-27651
Potential exploit
Synology Router Manager (SRM) before 1.2.4-8081 does not set the Secure flag for the session cookie in an HTTPS session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an HTTP session.
Products affected by CVE-2020-27651
- cpe:2.3:a:synology:router_manager:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2020-27651
0.39%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 58 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2020-27651
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
|---|---|---|---|---|---|---|
|
6.8
|
MEDIUM | AV:N/AC:M/Au:N/C:P/I:P/A:P |
8.6
|
6.4
|
NIST | |
|
8.1
|
HIGH | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H |
2.2
|
5.9
|
NIST | |
|
5.8
|
MEDIUM | CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:L |
1.6
|
3.7
|
Synology Inc. |
CWE ids for CVE-2020-27651
-
The product does not encrypt sensitive or critical information before storage or transmission.Assigned by: nvd@nist.gov (Primary)
-
The Secure attribute for sensitive cookies in HTTPS sessions is not set, which could cause the user agent to send those cookies in plaintext over an HTTP session.Assigned by: security@synology.com (Secondary)
References for CVE-2020-27651
-
https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1059
TALOS-2020-1059 || Cisco Talos Intelligence Group - Comprehensive Threat IntelligenceExploit;Third Party Advisory
-
https://www.synology.com/security/advisory/Synology_SA_20_14
Synology Inc.Vendor Advisory
Jump to