Vulnerability Details CVE-2024-10444
Improper certificate validation vulnerability in the LDAP utilities in Synology DiskStation Manager (DSM) before 7.1.1-42962-8, 7.2.1-69057-7 and 7.2.2-72806-3 allows man-in-the-middle attackers to hijack the authentication of administrators via unspecified vectors.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 12.3%
CVSS Severity
CVSS v3 Score 7.5
Products affected by CVE-2024-10444
-
cpe:2.3:o:synology:diskstation_manager:7.1
-
cpe:2.3:o:synology:diskstation_manager:7.1-42661
-
cpe:2.3:o:synology:diskstation_manager:7.1-42661-1
-
cpe:2.3:o:synology:diskstation_manager:7.1-42661-2
-
cpe:2.3:o:synology:diskstation_manager:7.1-42661-3
-
cpe:2.3:o:synology:diskstation_manager:7.1-42661-4
-
cpe:2.3:o:synology:diskstation_manager:7.1.1-42962
-
cpe:2.3:o:synology:diskstation_manager:7.1.1-42962-1
-
cpe:2.3:o:synology:diskstation_manager:7.1.1-42962-2
-
cpe:2.3:o:synology:diskstation_manager:7.1.1-42962-3
-
cpe:2.3:o:synology:diskstation_manager:7.1.1-42962-4
-
cpe:2.3:o:synology:diskstation_manager:7.1.1-42962-5
-
cpe:2.3:o:synology:diskstation_manager:7.1.1-42962-6
-
cpe:2.3:o:synology:diskstation_manager:7.1.1-42962-7
-
cpe:2.3:o:synology:diskstation_manager:7.2.1-69057
-
cpe:2.3:o:synology:diskstation_manager:7.2.1-69057-1
-
cpe:2.3:o:synology:diskstation_manager:7.2.1-69057-2
-
cpe:2.3:o:synology:diskstation_manager:7.2.1-69057-3
-
cpe:2.3:o:synology:diskstation_manager:7.2.1-69057-4
-
cpe:2.3:o:synology:diskstation_manager:7.2.1-69057-5
-
cpe:2.3:o:synology:diskstation_manager:7.2.1-69057-6
-
cpe:2.3:o:synology:diskstation_manager:7.2.2
-
cpe:2.3:o:synology:diskstation_manager:7.2.2-72803
-
cpe:2.3:o:synology:diskstation_manager:7.2.2-72806
-
cpe:2.3:o:synology:diskstation_manager:7.2.2-72806-1
-
cpe:2.3:o:synology:diskstation_manager:7.2.2-72806-2