CVE-2022-22681
First published: Wed Jul 06 2022(Updated: )
Session fixation vulnerability in access control management in Synology Photo Station before 6.8.16-3506 allows remote attackers to bypass security constraint via unspecified vectors.
Credit: security@synology.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Synology Photo Station | <6.8.16-3506 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the CVE ID of this vulnerability?
The CVE ID of this vulnerability is CVE-2022-22681.
What is the title of this vulnerability?
The title of this vulnerability is "Session fixation vulnerability in access control management in Synology Photo Station before 6.8.16-3506."
How does this vulnerability impact Synology Photo Station?
This vulnerability allows remote attackers to bypass security constraint in access control management in Synology Photo Station.
What is the severity of CVE-2022-22681?
The severity of CVE-2022-22681 is high with a CVSS score of 7.5.
How can I fix this vulnerability in Synology Photo Station?
To fix this vulnerability, update Synology Photo Station to version 6.8.16-3506 or later.
- collector/nvd-index
- agent/type
- agent/softwarecombine
- agent/weakness
- agent/author
- agent/severity
- agent/references
- agent/tags
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/first-publish-date
- agent/event
- agent/source
- vendor/synology
- canonical/synology photo station