An issue in the component post_applogin.php of Super Flexible Software GmbH & Co. KG Syncovery 9 for Linux v9.47x and below allows attackers to escalate privileges via creating crafted session tokens.
References
Link | Resource |
---|---|
http://super.com | Not Applicable |
http://syncovery.com | Broken Link |
https://www.mgm-sp.com/en/multiple-vulnerabilities-in-syncovery-for-linux/ | Exploit Third Party Advisory |
Configurations
Configuration 1 (hide)
AND |
|
History
08 Aug 2023, 14:22
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-330 |
17 Sep 2022, 02:35
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:* cpe:2.3:a:syncovery:syncovery:*:*:*:*:*:*:*:* |
|
References | (MISC) http://syncovery.com - Broken Link | |
References | (MISC) http://super.com - Not Applicable | |
References | (MISC) https://www.mgm-sp.com/en/multiple-vulnerabilities-in-syncovery-for-linux/ - Exploit, Third Party Advisory | |
CWE | CWE-269 | |
First Time |
Syncovery
Linux linux Kernel Linux Syncovery syncovery |
|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 9.8 |
16 Sep 2022, 03:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-09-16 03:15
Updated : 2023-12-10 14:35
NVD link : CVE-2022-36536
Mitre link : CVE-2022-36536
CVE.ORG link : CVE-2022-36536
JSON object : View
Products Affected
linux
- linux_kernel
syncovery
- syncovery
CWE
CWE-330
Use of Insufficiently Random Values