CVE-2023-2729

🗓️ 13 Jun 2023 07:11:54Reported by synologyType

cve🔗 web.nvd.nist.gov📰️ 2 Media mentions👁 128 Views

Use of insufficiently random values vulnerability in Synology DiskStation Manager (DSM) before 7.2-64561 allows remote attackers to obtain user credential

Reporter	Title	Published	Views	Family All 14
Circl	CVE-2023-2729	19 Oct 202303:53	–	circl
CNNVD	Synology DiskStation Manager 安全特征问题漏洞	13 Jun 202300:00	–	cnnvd
Cvelist	CVE-2023-2729	13 Jun 202307:11	–	cvelist
EUVD	EUVD-2023-34191	3 Oct 202520:07	–	euvd
NVD	CVE-2023-2729	13 Jun 202308:15	–	nvd
OpenVAS	Synology Router Manager (SRM) 1.2.x, 1.3.x Use of Insufficiently Random Values Vulnerability (Synology-SA-23:08) - Unreliable Remote Version Check	19 Jun 202300:00	–	openvas
OpenVAS	Synology Router Manager (SRM) 1.2.x, 1.3.x Use of Insufficiently Random Values Vulnerability (Synology-SA-23:08) - Remote Known Vulnerable Versions Check	19 Jun 202300:00	–	openvas
OSV	CVE-2023-2729	13 Jun 202308:15	–	osv
Prion	Design/Logic Flaw	13 Jun 202308:15	–	prion
Positive Technologies	PT-2023-21053 · Synology · Synology Diskstation Manager	13 Jun 202300:00	–	ptsecurity

NVD

Node

synology diskstation_manager_unified_controllerMatch3.1

synology router_managerRange1.2–1.3.1-9346

synology router_managerMatch1.3.1-9346

synology router_managerMatch1.3.1-9346update_1

synology router_managerMatch1.3.1-9346update_2

synology router_managerMatch1.3.1-9346update_3

synology router_managerMatch1.3.1-9346update_4

synology router_managerMatch1.3.1-9346update_5

synology diskstation_managerRange6.2–7.2-64561

[
  {
    "vendor": "Synology",
    "product": "DiskStation Manager (DSM)",
    "versions": [
      {
        "version": "7.2",
        "status": "affected",
        "lessThan": "7.2-64561",
        "versionType": "semver"
      },
      {
        "version": "7.1",
        "status": "affected",
        "lessThan": "7.1.*",
        "versionType": "semver"
      },
      {
        "version": "7.0",
        "status": "affected",
        "lessThan": "7.0.*",
        "versionType": "semver"
      },
      {
        "version": "6.2",
        "status": "affected",
        "lessThan": "6.2.*",
        "versionType": "semver"
      },
      {
        "version": "0",
        "status": "unknown",
        "lessThan": "6.2",
        "versionType": "semver"
      }
    ],
    "defaultStatus": "affected"
  },
  {
    "vendor": "Synology",
    "product": "Unified Controller (DSMUC)",
    "versions": [
      {
        "version": "3.1",
        "status": "affected",
        "lessThan": "3.1.*",
        "versionType": "semver"
      },
      {
        "version": "0",
        "status": "unknown",
        "lessThan": "3.1",
        "versionType": "semver"
      }
    ],
    "defaultStatus": "affected"
  },
  {
    "vendor": "Synology",
    "product": "Synology Router Manager (SRM)",
    "versions": [
      {
        "version": "1.3",
        "status": "affected",
        "lessThan": "1.3.*",
        "versionType": "semver"
      },
      {
        "version": "1.2",
        "status": "affected",
        "lessThan": "1.2.*",
        "versionType": "semver"
      },
      {
        "version": "0",
        "status": "unknown",
        "lessThan": "1.2",
        "versionType": "semver"
      }
    ],
    "defaultStatus": "affected"
  }
]

Source	Link
synology	www.synology.com/en-global/security/advisory/Synology_SA_23_08
synology	www.synology.com/en-global/security/advisory/Synology_SA_23_07

14 Jan 2025 19:29Current

7.4High risk

Vulners AI Score7.4

CVSS 3.15.9 - 7.5

EPSS0.00279

SSVC