Synology-SA-21:06 CardDAV Server
Publish Time: 2021-02-23 03:17:26 UTC+8
Last Updated: 2021-02-23 03:17:26 UTC+8
- Severity
- Important
- Status
- Resolved
Abstract
A vulnerability allows remote authenticated users to execute arbitrary SQL commands via a susceptible version of CardDAV Server.
Affected Products
| Product | Severity | Fixed Release Availability |
|---|---|---|
| CardDAV Server | Important | Upgrade to 6.0.10-0153 or above. |
Mitigation
None
Detail
Reserved
Revision
| Revision | Date | Description |
|---|---|---|
| 1 | 2021-02-23 | Initial public release. |