Description
Session fixation vulnerability in SYNO.PhotoStation.Auth in Synology Photo Station before 6.8.7-3481 allows remote attackers to hijack web sessions via the PHPSESSID parameter.
Analysis
No analysis available yet.
Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).
| Vendor | Product | Default status | Versions | ||||||
|---|---|---|---|---|---|---|---|---|---|
| Synology | Photo Station | affected |
|
Configuration 1 [-]
|
No data.
No data available yet.
Remediation
No remediation available yet.
Tracking
Sign in to view the affected projects.
Advisories
| Source | ID | Title |
|---|---|---|
 EUVD |
EUVD-2018-5230 | Session fixation vulnerability in SYNO.PhotoStation.Auth in Synology Photo Station before 6.8.7-3481 allows remote attackers to hijack web sessions via the PHPSESSID parameter. |
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: synology
Published:
Updated: 2024-09-16T20:07:10.099Z
Reserved: 2018-07-05T00:00:00.000Z
Link: CVE-2018-13282
Vulnrichment
No data.
NVD
Status : Modified
Published: 2018-10-31T16:29:00.393
Modified: 2024-11-21T03:46:45.160
Link: CVE-2018-13282
Redhat
No data.
OpenCVE Enrichment
No data.
Weaknesses