Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Syncrify < 2.1 Build 420 Multiple Security Bypass Vulnerabilities

Medium

Synopsis

The remote web server is hosting a web application that is affected by multiple security bypass vulnerabilities.

Description

The remote web server is hosting Syncrify, a web-based incremental backup application.

Versions of Syncrify earlier than 2.1 Build 420 are potentially affected by multiple security bypass vulnerabilities :

- The application fails to restrict access to the password management page and allows users to change the administrator's password by directly accessing that page.

- It is possible for users to browse and download unauthorized files by accessing them directly.

Solution

Upgrade to Syncrify 2.1 Build 420 or later.