Back to CVE List

CVE-2021-47961

HIGH SEVERITY

CVSS Score & Metrics

Base Score
8.1 / 10
Vector String
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N

Vulnerability Description

A plaintext storage of a password vulnerability in Synology SSL VPN Client before 1.4.5-0684 allows remote attackers to access or influence the user's PIN code due to insecure storage. This may lead to unauthorized VPN configuration and potential interception of subsequent VPN traffic when combined with user interaction.

Vulnerability Details

Published Date
Last Modified
CWE ID
CWE-256
Source
NVD
Vendor
Synology
Product
Synology SSL VPN Client

External References

Discussion (0)

Add Comment

No comments yet. Be the first!