CVE-2017-12076 — Uncontrolled Resource Consumption in Synology Diskstation Manager

CWE-400 — Uncontrolled Resource Consumption3 documents3 sources

Severity

4.9MEDIUMNVD

EPSS

0.5%

top 35.55%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Synology Diskstation Manager

Timeline

PublishedAug 28

Latest updateMay 17

Description

Uncontrolled Resource Consumption vulnerability in SYNO.Core.PortForwarding.Rules in Synology DiskStation (DSM) before 6.1.1-15088 allows remote authenticated attacker to exhaust the memory resources of the machine, causing a denial of service attack.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:HExploitability: 1.2 | Impact: 3.6

Affected Packages1 packages

▶NVDsynology/diskstation_manager6.1+1

🔴Vulnerability Details

GHSA

GHSA-26mq-crw9-r9mc: Uncontrolled Resource Consumption vulnerability in SYNO↗2022-05-17

▶

CVEList

CVE-2017-12076: Uncontrolled Resource Consumption vulnerability in SYNO↗2017-08-28

▶