CVE-2022-27619
First published: Wed Aug 03 2022(Updated: )
Cleartext transmission of sensitive information vulnerability in authentication management in Synology Note Station Client before 2.2.2-609 allows man-in-the-middle attackers to obtain sensitive information via unspecified vectors.
Credit: security@synology.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Synology Note Station | <2.2.2-609 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the CVE ID for this vulnerability?
The CVE ID for this vulnerability is CVE-2022-27619.
What is the severity of CVE-2022-27619?
The severity of CVE-2022-27619 is medium.
What software is affected by CVE-2022-27619?
The Synology Note Station Client version up to 2.2.2-609 is affected by CVE-2022-27619.
How can a man-in-the-middle attacker exploit CVE-2022-27619?
A man-in-the-middle attacker can exploit CVE-2022-27619 to obtain sensitive information by intercepting cleartext transmission in authentication management.
Is there a fix available for CVE-2022-27619?
Yes, a fix is available for CVE-2022-27619. Please refer to the Synology security advisory for more information.
- collector/nvd-index
- vendor/synology
- canonical/synology note station