Описание
Kiteworks MFT orchestrates end-to-end file transfer workflows. Prior to version 9.1.0, this vulnerability could allow an external attacker to gain access to log information from the system by tricking an administrator into browsing a specifically crafted fake page of Kiteworks MFT. This issue has been patched in version 9.1.0.
Ссылки
- PatchThird Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 9.1.0 (исключая)
cpe:2.3:a:accellion:kiteworks_managed_file_transfer:*:*:*:*:*:*:*:*
EPSS
Процентиль: 5%
0.00021
Низкий
6.8 Medium
CVSS3
Дефекты
CWE-352
EPSS
Процентиль: 5%
0.00021
Низкий
6.8 Medium
CVSS3
Дефекты
CWE-352