Active Backup For Business Agent
Approved changes feed: RSS · Atom
cpe:2.3:a:synology:active_backup_for_business_agent:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Synology (65464e9b-7339-559d-9719-837f074e0220) |
|---|---|
| Product | Active Backup For Business Agent (d8c6fb78-f3bc-55c4-816d-4e54c69018e6) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2024-47266 |
vulnerable | 2026-06-03 14:57:00.921098 |
Details available
LOW (2.7)
Improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability in share file list functionality in Synology Active Backup for Business before 2.7.1-13234, 2.7.1-23234 and 2.7.1-3234 allows remote authenticated users with administrator privileges to read specific files containing non-sensitive information via unspecified vectors.
Published: 2025-02-13T06:26:06.229Z
Updated: 2025-02-13T15:54:15.268Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-47265 |
vulnerable | 2026-06-03 14:57:00.920711 |
Details available
MEDIUM (6.5)
Improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability in encrypted share umount functionality in Synology Active Backup for Business before 2.7.1-13234, 2.7.1-23234 and 2.7.1-3234 allows remote authenticated users to write specific files via unspecified vectors.
Published: 2025-02-13T06:25:55.487Z
Updated: 2025-09-16T13:44:48.738Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-47264 |
vulnerable | 2026-06-03 14:57:00.918141 |
Details available
MEDIUM (4.9)
Improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability in agent-related functionality in Synology Active Backup for Business before 2.7.1-13234, 2.7.1-23234 and 2.7.1-3234 allows remote authenticated users with administrator privileges to delete arbitrary files via unspecified vectors.
Published: 2025-02-13T06:25:31.750Z
Updated: 2025-02-18T17:21:29.800Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-52950 |
vulnerable | 2026-06-03 14:53:40.020708 |
Details available
MEDIUM (5.3)
Missing encryption of sensitive data vulnerability in login component in Synology Active Backup for Business Agent before 2.7.0-3221 allows adjacent man-in-the-middle attackers to obtain user credential via unspecified vectors.
Published: 2024-09-26T03:40:25.753Z
Updated: 2024-11-15T17:34:23.550Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-52949 |
vulnerable | 2026-06-03 14:53:40.020315 |
Details available
MEDIUM (5.5)
Missing authentication for critical function vulnerability in proxy settings functionality in Synology Active Backup for Business Agent before 2.7.0-3221 allows local users to obtain user credential via unspecified vectors.
Published: 2024-09-26T03:42:35.862Z
Updated: 2024-11-15T17:34:20.288Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-52948 |
vulnerable | 2026-06-03 14:53:40.019861 |
Details available
MEDIUM (5)
Missing encryption of sensitive data vulnerability in settings functionality in Synology Active Backup for Business Agent before 2.7.0-3221 allows local users to obtain user credential via unspecified vectors.
Published: 2024-09-26T03:41:55.659Z
Updated: 2024-11-15T17:34:45.374Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-52947 |
vulnerable | 2026-06-03 14:53:40.018501 |
Details available
MEDIUM (4)
Missing authentication for critical function vulnerability in logout functionality in Synology Active Backup for Business Agent before 2.6.3-3101 allows local users to logout the client via unspecified vectors. The backup functionality will continue to operate and will not be affected by the logout.
Published: 2024-09-26T03:41:03.462Z
Updated: 2024-09-26T14:38:53.499Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.