Описание
An authentication bypass vulnerability in GoAnywhere MFT prior to 7.6.0 allows Admin Users with access to the Agent Console to circumvent some permission checks when attempting to visit other pages. This could lead to unauthorized information disclosure or modification.
Ссылки
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 7.6.0 (исключая)
cpe:2.3:a:fortra:goanywhere_managed_file_transfer:*:*:*:*:*:*:*:*
EPSS
Процентиль: 33%
0.00126
Низкий
6.5 Medium
CVSS3
Дефекты
CWE-303
CWE-287
Связанные уязвимости
CVSS3: 6.5
github
больше 1 года назад
An authentication bypass vulnerability in GoAnywhere MFT prior to 7.6.0 allows Admin Users with access to the Agent Console to circumvent some permission checks when attempting to visit other pages. This could lead to unauthorized information disclosure or modification.
EPSS
Процентиль: 33%
0.00126
Низкий
6.5 Medium
CVSS3
Дефекты
CWE-303
CWE-287