Synology-SA-17:78 Chat

Publish Time: 2017-12-18 11:16:12 UTC+8

Last Updated: 2017-12-28 10:06:23 UTC+8

Severity: Moderate
Status: Resolved

Abstract

Multiple vulnerabilities allow remote authenticated users to access intranet resources and to inject arbitrary web scripts and HTML code via a susceptible version of Chat.

Updates for Affected Products

Product | Severity | Latest Patch
Chat    | Moderate | Upgrade to 2.0.0-1124 or above.

Mitigation

None

Detail

  • CVE-2017-15886

    • Severity: Moderate
    • CVSS3 Base Score: 6.4
    • CVSS3 Vector: CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
    • Server-side request forgery (SSRF) vulnerability in Link Preview in Synology Chat before 2.0.0-1124 allows remote authenticated users to download arbitrary local files via a crafted URI.
  • CVE-2017-15892

    • Severity: Moderate
    • CVSS3 Base Score: 4.4
    • CVSS3 Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:N
    • Multiple cross-site scripting (XSS) vulnerabilities in Slash Command Creator in Synology Chat before 2.0.0-1124 allow remote authenticated users to inject arbitrary web script or HTML via the (1) COMMAND, (2) COMMANDS INSTRUCTION, or (3) DESCRIPTION parameter.
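The following is an added illustration, not Synology's code and not the fix shipped in 2.0.0-1124, of the kind of destination check a link-preview fetcher needs so that it cannot be pointed at local files or intranet hosts as described for CVE-2017-15886. The function names, the resolver hook and the sample addresses are assumptions made for the example.

```python
# Added example (not Synology's code): a defensive destination check for a
# link-preview fetcher. Modelled on the CVE-2017-15886 description: the preview
# endpoint must not follow URIs that name local files or intranet hosts.
# All identifiers are illustrative; this is not how Synology Chat was patched.
import ipaddress
import socket
from urllib.parse import urlsplit

ALLOWED_SCHEMES = {"http", "https"}


def resolve_host(host):
    """Resolve a hostname to its IP addresses (hypothetical helper; the test
    swaps in a canned resolver so the example runs offline)."""
    try:
        return sorted({info[4][0] for info in socket.getaddrinfo(host, None)})
    except socket.gaierror:
        return []


def is_safe_preview_url(url, resolver=resolve_host):
    """Return (ok, reason). Rejects file:// and every other non-HTTP scheme,
    then rejects any host that is, or resolves to, a loopback, private,
    link-local or otherwise non-public address."""
    parts = urlsplit(url)
    if parts.scheme.lower() not in ALLOWED_SCHEMES:
        return False, "scheme not allowed: %s" % (parts.scheme or "(none)")
    host = parts.hostname
    if not host:
        return False, "missing host"
    # Literal IPs (IPv4, or bracketed IPv6) are checked directly; names are
    # resolved first so that an intranet DNS name cannot bypass the check.
    try:
        candidates = [ipaddress.ip_address(host)]
    except ValueError:
        resolved = resolver(host)
        if not resolved:
            return False, "host does not resolve"
        candidates = [ipaddress.ip_address(a) for a in resolved]
    for ip in candidates:
        if (ip.is_loopback or ip.is_private or ip.is_link_local
                or ip.is_reserved or ip.is_multicast or ip.is_unspecified):
            return False, "target %s is not a public address" % ip
    return True, "ok"
```

The check must be applied to every hop of a redirect chain as well, since a public URL that redirects to an internal address otherwise reaches the same intranet resources.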

Revision History

Revision | Date       | Description
1        | 2017-12-18 | Initial public release.
2        | 2017-12-28 | Disclosed vulnerability details.