MEDIUM · 4.0

CVE-2023-52947

Vulnerability Description

Missing authentication for critical function vulnerability in logout functionality in Synology Active Backup for Business Agent before 2.6.3-3101 allows local users to logout the client via unspecified vectors. The backup functionality will continue to operate and will not be affected by the logout.

CVSS Score

4.0

MEDIUM

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Attack Vector: LOCAL
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: NONE
Scope: UNCHANGED
Confidentiality: NONE
Integrity: NONE
Availability: LOW

Affected Products

Vendor: Synology
Product: Active Backup For Business Agent
Versions: < 2.6.0-3101

Related Weaknesses (CWE)

References

FAQ

What is CVE-2023-52947?

CVE-2023-52947 is a vulnerability with a CVSS score of 4.0 (MEDIUM). Missing authentication for critical function vulnerability in logout functionality in Synology Active Backup for Business Agent before 2.6.3-3101 allows local users to logout the client via unspecifie...

How severe is CVE-2023-52947?

CVE-2023-52947 has been rated MEDIUM with a CVSS base score of 4.0/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2023-52947?

Check the references section above for vendor advisories and patch information. Affected products include: Synology Active Backup For Business Agent.