CVE-2017-15891 - AskarLabs CVE Database

CVE-2017-15891

Vendor Synology

Product Synology Calendar

Weakness CWE-284

Published December 8, 2017

Last update September 16, 2024

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

01Description

Improper access control vulnerability in SYNO.Cal.EventBase in Synology Calendar before 2.0.1-0242 allows remote authenticated users to modify calendar event via unspecified vectors.

Key dates

02Disclosure timeline

December 8, 2017 CVE published

September 16, 2024 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2017-15891 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/284.html

Related vulnerabilities

04Related CVE

CVE-2023-46665 Improper Access Control in Sielco PolyEco1000 CVE-2023-26474 XWiki Platform vulnerable to privilege escalation via properties with wiki syntax that are executed with wrong author CVE-2025-5163 yangshare 技术杨工 warehouseManager 仓库管理系统 access control CVE-2024-45122 Adobe Commerce | Improper Access Control (CWE-284) CVE-2019-15590