Known Vulnerabilities for Carddav Server by Synology

Listed below are 2 of the newest known vulnerabilities associated with "Carddav Server" by "Synology".

These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.

Data on known vulnerable versions is also displayed based on information from known CPEs

Known Vulnerabilities

CVE	Shortened Description	Severity	Publish Date	Last Modified
CVE-2018-8928	Cross-site scripting (XSS) vulnerability in Address Book Editor in Synology CardDAV Server before 6.0.8-0086 allows remote au...	5.4 - MEDIUM	2018-07-05	2019-10-09
CVE-2017-15887	An improper restriction of excessive authentication attempts vulnerability in /principals in Synology CardDAV Server before 6...	9.8 - CRITICAL	2017-11-07	2019-10-09

Known Affected Configurations (CPE V2.3)

Type	Vendor	Product	Version	Update	Edition	Language
Application	Synology	Carddav Server	6.0.9-0087	All	All	All
Application	Synology	Carddav Server	6.0.8-0086	All	All	All
Application	Synology	Carddav Server	6.0.7-0085	All	All	All
Application	Synology	Carddav Server	6.0.6-0083	All	All	All
Application	Synology	Carddav Server	6.0.5-0081	All	All	All
Application	Synology	Carddav Server	6.0.4-0080	All	All	All
Application	Synology	Carddav Server	6.0.3-0078	All	All	All
Application	Synology	Carddav Server	6.0.2-0077	All	All	All
Application	Synology	Carddav Server	6.0.0-0074	All	All	All
Application	Synology	Carddav Server	5.2.0-0028	All	All	All
Application	Synology	Carddav Server	5.2.0-0027	All	All	All
Application	Synology	Carddav Server	5.2.0-0026	All	All	All
Application	Synology	Carddav Server	5.2.0-0021	All	All	All
Application	Synology	Carddav Server	5.2.0-0019	All	All	All