Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2014-2264

Overview

Vulnerability Score 7.8 7.8
CVE Id CVE-2014-2264
Last Modified 03 Mar 2014 03:47:16
Published 02 Mar 2014 12:55:03
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2014-2264

Summary

The OpenVPN module in Synology DiskStation Manager (DSM) 4.3-3810 update 1 has a hardcoded root password of synopass, which makes it easier for remote attackers to obtain access via a VPN session.

Vulnerable Systems

Application

  • Synology Diskstation Manager 4.3-3810


References

CERT-VN - VU#534284

MISC - http://forum.synology.com/enu/viewtopic.php?f=173&t=77644


Last Updated: 27 May 2016 10:56:46