Описание
EnterpriseDT CompleteFTP Server prior to version 12.1.3 is vulnerable to information exposure in the Bootstrap.log file. This allows an attacker to obtain the administrator password hash.
Ссылки
- Release NotesVendor Advisory
- ExploitThird Party Advisory
- Release NotesVendor Advisory
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 12.1.3 (исключая)
cpe:2.3:a:enterprisedt:completeftp_server:*:*:*:*:*:*:*:*
EPSS
Процентиль: 86%
0.03009
Низкий
4.3 Medium
CVSS3
3.5 Low
CVSS2
Дефекты
CWE-327
Связанные уязвимости
CVSS3: 4.3
github
больше 3 лет назад
EnterpriseDT CompleteFTP Server prior to version 12.1.3 is vulnerable to information exposure in the Bootstrap.log file. This allows an attacker to obtain the administrator password hash.
EPSS
Процентиль: 86%
0.03009
Низкий
4.3 Medium
CVSS3
3.5 Low
CVSS2
Дефекты
CWE-327