Synology-SA-21:06 CardDAV Server

Publish Time: 2021-02-23 03:17:26 UTC+8

Last Updated: 2021-02-23 03:17:26 UTC+8

Severity
Important
Status
Resolved

Abstract

A vulnerability allows remote authenticated users to execute arbitrary SQL commands via a susceptible version of CardDAV Server.

Affected Products

Product Severity Fixed Release Availability
CardDAV Server Important Upgrade to 6.0.10-0153 or above.

Mitigation

None

Detail

Reserved

Revision

Revision Date Description
1 2021-02-23 Initial public release.