CVE-2015-2851
Published May 30, 2015
Last updated 8 years ago
Overview
- Description
- client_chown in the sync client in Synology Cloud Station 1.1-2291 through 3.1-3320 on OS X allows local users to change the ownership of arbitrary files, and consequently obtain root access, by specifying a filename.
- Source
- cret@cert.org
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 6.8
- Impact score
- 10
- Exploitability score
- 3.1
- Vector string
- AV:L/AC:L/Au:S/C:C/I:C/A:C
Weaknesses
- nvd@nist.gov
- CWE-264
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:synology:cloud_station:1.1-2291:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "89282A91-62F9-4FAD-907E-59E7A7C41AC9"
},
{
"criteria": "cpe:2.3:a:synology:cloud_station:2.0-2291:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E94D6674-B445-47A6-8B89-3696B43DB5EB"
},
{
"criteria": "cpe:2.3:a:synology:cloud_station:2.0-2402:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A4E69C0A-2D3F-48F6-B667-88E7C7058FD3"
},
{
"criteria": "cpe:2.3:a:synology:cloud_station:2.1-2561:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "35EE80A5-5B4B-459B-A12E-F39BEE10C37F"
},
{
"criteria": "cpe:2.3:a:synology:cloud_station:2.1-2570:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FD4E307D-9C66-465E-8568-B421852B169E"
},
{
"criteria": "cpe:2.3:a:synology:cloud_station:2.1-2577:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8C540D06-6F76-4FA0-8D39-40A9747A360D"
},
{
"criteria": "cpe:2.3:a:synology:cloud_station:3.0-3005:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0B670697-975E-4931-9C3B-8ACEBC0E2843"
},
{
"criteria": "cpe:2.3:a:synology:cloud_station:3.0-3103:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CE880EA1-54F3-4A1B-96AD-DCF720A6F7E1"
},
{
"criteria": "cpe:2.3:a:synology:cloud_station:3.0-3108:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "10B5BDA7-0035-42FA-A835-9E98DE647BE1"
},
{
"criteria": "cpe:2.3:a:synology:cloud_station:3.0-3109:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "311CDD0F-26F3-47BA-BF73-FC6CB2BE3E10"
},
{
"criteria": "cpe:2.3:a:synology:cloud_station:3.0-3111:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E60BA19E-3CCD-4BE0-8500-D385A3592ECA"
},
{
"criteria": "cpe:2.3:a:synology:cloud_station:3.1-3317:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5AA63857-7611-485D-AE43-D6F15B893CD2"
},
{
"criteria": "cpe:2.3:a:synology:cloud_station:3.1-3320:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "872EDE63-3B43-49E4-8234-7BCB674E3070"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]