CVE-2022-3576

CVSS 5.3 MEDIUMEPSS 0.9%CWE-125

A vulnerability regarding out-of-bounds read is found in the session processing functionality of Out-of-Band (OOB) Management. This allows remote attackers to obtain sensitive information via unspecified vectors. The following models with Synology DiskStation Manager (DSM) versions before 7.1.1-42962-2 may be affected: DS3622xs+, FS3410, and HD6500.

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Affected products

Synology · DiskStation Manager (DSM)

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://www.synology.com/security/advisory/Synology_SA_22_17