CVE-2023-45690

Опубликовано: 16 окт. 2023

Источник: nvd

CVSS3: 4.9

EPSS Низкий

Описание

Default file permissions on South River Technologies' Titan MFT and Titan SFTP servers on Linux allows a user that's authentication to the OS to read sensitive files on the filesystem

Ссылки

https://helpdesk.southrivertech.com/portal/en/kb/articles/security-patch-for-issues-cve-2023-45685-through-cve-2023-45690
Vendor Advisory
https://www.rapid7.com/blog/post/2023/10/16/multiple-vulnerabilities-in-south-river-technologies-titan-mft-and-titan-sftp-fixed/
Exploit
Third Party Advisory
https://helpdesk.southrivertech.com/portal/en/kb/articles/security-patch-for-issues-cve-2023-45685-through-cve-2023-45690
Vendor Advisory
https://www.rapid7.com/blog/post/2023/10/16/multiple-vulnerabilities-in-south-river-technologies-titan-mft-and-titan-sftp-fixed/
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:southrivertech:titan_ftp_server:*:*:*:*:*:*:*:*

Версия до 2.0.16.2277 (включая)

Конфигурация 2

cpe:2.3:a:southrivertech:titan_mft_server:*:*:*:*:*:linux:*:*

Версия до 2.0.18 (исключая)

EPSS

Процентиль: 47%

0.00237

Низкий

4.9 Medium

CVSS3

Дефекты

CWE-276

Связанные уязвимости

GHSA-mfjh-chmq-4prp

CVSS3: 4.9

github

больше 2 лет назад