Sign-up

ID

VAR-201505-0107


CVE

CVE-2015-2851


TITLE

Synology Cloud Station sync client for OS X allows regular users to claim ownership of system files

Trust: 0.8

sources: CERT/CC: VU#551972

DESCRIPTION

client_chown in the sync client in Synology Cloud Station 1.1-2291 through 3.1-3320 on OS X allows local users to change the ownership of arbitrary files, and consequently obtain root access, by specifying a filename. This file is setuid root It is possible to change the owner of any system file by ordinary users. CWE-276 http://cwe.mitre.org/data/definitions/276.htmlOS X An ordinary user may change the owner of any system file. as a result, root You may get permission. Synology Cloud Station sync client is prone to a local privilege-escalation vulnerability. Exploiting this issue allows local attackers to gain root privileges. Synology Cloud Station sync client 1.1-2291 versions prior to 3.2-3475 are vulnerable. Synology Cloud Station is a Synology company's solution for synchronizing data between all devices using cloud stations

Trust: 2.7

sources: NVD: CVE-2015-2851 // CERT/CC: VU#551972 // JVNDB: JVNDB-2015-002841 // BID: 74826 // VULHUB: VHN-80812

AFFECTED PRODUCTS

vendor:synologymodel:cloud stationscope:eqversion:2.1-2577

Trust: 1.6

vendor:synologymodel:cloud stationscope:eqversion:3.0-3005

Trust: 1.6

vendor:synologymodel:cloud stationscope:eqversion:3.0-3111

Trust: 1.6

vendor:synologymodel:cloud stationscope:eqversion:3.1-3317

Trust: 1.6

vendor:synologymodel:cloud stationscope:eqversion:3.0-3108

Trust: 1.6

vendor:synologymodel:cloud stationscope:eqversion:3.0-3109

Trust: 1.6

vendor:synologymodel:cloud stationscope:eqversion:2.0-2291

Trust: 1.6

vendor:synologymodel:cloud stationscope:eqversion:3.1-3320

Trust: 1.6

vendor:synologymodel:cloud stationscope:eqversion:2.0-2402

Trust: 1.6

vendor:synologymodel:cloud stationscope:eqversion:2.1-2561

Trust: 1.6

vendor:synologymodel:cloud stationscope:eqversion:1.1-2291

Trust: 1.0

vendor:synologymodel:cloud stationscope:eqversion:3.0-3103

Trust: 1.0

vendor:synologymodel:cloud stationscope:eqversion:2.1-2570

Trust: 1.0

vendor:synologymodel: - scope: - version: -

Trust: 0.8

vendor:synologymodel:cloud stationscope:ltversion:3.2-3475 earlier

Trust: 0.8

vendor:synologymodel:cloud station sync clientscope:eqversion:1.1-2291

Trust: 0.3

vendor:synologymodel:cloud station sync clientscope:neversion:3.2-3475

Trust: 0.3

sources: CERT/CC: VU#551972 // BID: 74826 // JVNDB: JVNDB-2015-002841 // CNNVD: CNNVD-201505-602 // NVD: CVE-2015-2851

CVSS

SEVERITY

CVSSV2

CVSSV3

NVD: CVE-2015-2851
value: MEDIUM

Trust: 1.6

nvd@nist.gov: CVE-2015-2851
value: MEDIUM

Trust: 1.0

CNNVD: CNNVD-201505-602
value: MEDIUM

Trust: 0.6

VULHUB: VHN-80812
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2015-2851
severity: MEDIUM
baseScore: 6.8
vectorString: AV:L/AC:L/AU:S/C:C/I:C/A:C
accessVector: LOCAL
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 3.1
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

NVD: CVE-2015-2851
severity: MEDIUM
baseScore: 6.8
vectorString: NONE
accessVector: LOCAL
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 3.1
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.8

VULHUB: VHN-80812
severity: MEDIUM
baseScore: 6.8
vectorString: AV:L/AC:L/AU:S/C:C/I:C/A:C
accessVector: LOCAL
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 3.1
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: CERT/CC: VU#551972 // VULHUB: VHN-80812 // JVNDB: JVNDB-2015-002841 // CNNVD: CNNVD-201505-602 // NVD: CVE-2015-2851

PROBLEMTYPE DATA

problemtype:CWE-264

Trust: 1.9

problemtype:CWE-Other

Trust: 0.8

sources: VULHUB: VHN-80812 // JVNDB: JVNDB-2015-002841 // NVD: CVE-2015-2851

THREAT TYPE

local

Trust: 0.9

sources: BID: 74826 // CNNVD: CNNVD-201505-602

TYPE

permissions and access control

Trust: 0.6

sources: CNNVD: CNNVD-201505-602

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2015-002841

EXPLOIT AVAILABILITY
sources:
            
            
            CERT/CC: VU#551972

PATCH
title:Download Centerurl:https://www.synology.com/en-us/support/download/DX1215
Trust: 0.8
sources:
            
            
            JVNDB: JVNDB-2015-002841

EXTERNAL IDS
db:CERT/CCid:VU#551972
Trust: 3.6
db:NVDid:CVE-2015-2851
Trust: 2.8
db:BIDid:74826
Trust: 1.4
db:JVNid:JVNVU98783868
Trust: 0.8
db:JVNDBid:JVNDB-2015-002841
Trust: 0.8
db:CNNVDid:CNNVD-201505-602
Trust: 0.7
db:VULHUBid:VHN-80812
Trust: 0.1
sources:
            
            
            CERT/CC: VU#551972 // 
            
            
            
            VULHUB: VHN-80812 // 
            
            
            
            BID: 74826 // 
            
            
            
            JVNDB: JVNDB-2015-002841 // 
            
            
            
            CNNVD: CNNVD-201505-602 // 
            
            
            
            NVD: CVE-2015-2851

REFERENCES
url:http://www.kb.cert.org/vuls/id/551972
Trust: 2.8
url:http://www.kb.cert.org/vuls/id/bluu-9vbu45
Trust: 1.7
url:http://www.securityfocus.com/bid/74826
Trust: 1.1
url:about vulnerability notes
Trust: 0.8
url:contact us about this vulnerability
Trust: 0.8
url:provide a vendor statement
Trust: 0.8
url:https://www.synology.com/en-us/support/download/
Trust: 0.8
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-2851
Trust: 0.8
url:http://jvn.jp/vu/jvnvu98783868/
Trust: 0.8
url:https://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-2851
Trust: 0.8
url:https://www.synology.com/
Trust: 0.3
sources:
            
            
            CERT/CC: VU#551972 // 
            
            
            
            VULHUB: VHN-80812 // 
            
            
            
            BID: 74826 // 
            
            
            
            JVNDB: JVNDB-2015-002841 // 
            
            
            
            CNNVD: CNNVD-201505-602 // 
            
            
            
            NVD: CVE-2015-2851

CREDITS
Jeremy Kemp
Trust: 0.3
sources:
            
            
            BID: 74826

SOURCES
db:CERT/CCid:VU#551972
db:VULHUBid:VHN-80812
db:BIDid:74826
db:JVNDBid:JVNDB-2015-002841
db:CNNVDid:CNNVD-201505-602
db:NVDid:CVE-2015-2851

LAST UPDATE DATE
2025-04-13T23:09:54.598000+00:00

SOURCES UPDATE DATE
db:CERT/CCid:VU#551972date:2015-05-27T00:00:00
db:VULHUBid:VHN-80812date:2016-12-03T00:00:00
db:BIDid:74826date:2015-05-26T00:00:00
db:JVNDBid:JVNDB-2015-002841date:2015-06-03T00:00:00
db:CNNVDid:CNNVD-201505-602date:2015-06-05T00:00:00
db:NVDid:CVE-2015-2851date:2025-04-12T10:46:40.837

SOURCES RELEASE DATE
db:CERT/CCid:VU#551972date:2015-05-26T00:00:00
db:VULHUBid:VHN-80812date:2015-05-30T00:00:00
db:BIDid:74826date:2015-05-26T00:00:00
db:JVNDBid:JVNDB-2015-002841date:2015-05-29T00:00:00
db:CNNVDid:CNNVD-201505-602date:2015-05-30T00:00:00
db:NVDid:CVE-2015-2851date:2015-05-30T19:59:03.880