admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 17:21:36 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2023/CVE-2023-456xx/CVE-2023-45687.json
cad-safe-bot 663fe4c57b Auto-Update: 2024-09-17T04:00:18.041800+00:00
2024-09-17 04:03:16 +00:00

147 lines
4.5 KiB
JSON
Raw Blame History

{
"id": "CVE-2023-45687",
"sourceIdentifier": "cve@rapid7.com",
"published": "2023-10-16T17:15:10.107",
"lastModified": "2024-09-17T02:35:31.720",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A session fixation vulnerability in South River Technologies' Titan MFT and Titan SFTP servers on Linux and Windows allows an attacker to bypass the server's authentication if they can trick an administrator into authorizating a session id of their choosing"
},
{
"lang": "es",
"value": "Una vulnerabilidad de fijaci\u00f3n de sesi\u00f3n en los servidores Titan MFT y Titan SFTP de South River Technologies en Linux y Windows permite a un atacante eludir la autenticaci\u00f3n del servidor si puede enga\u00f1ar a un administrador para que autorice una identificaci\u00f3n de sesi\u00f3n de su elecci\u00f3n."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-384"
}
]
},
{
"source": "cve@rapid7.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-384"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:southrivertech:titan_mft_server:*:*:*:*:*:linux:*:*",
"versionEndExcluding": "2.0.18",
"matchCriteriaId": "6F4EB0AE-8C4A-4FF6-AE00-D87C9719C6D7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:southrivertech:titan_mft_server:*:*:*:*:*:windows:*:*",
"versionEndExcluding": "2.0.18",
"matchCriteriaId": "2740E6FA-C5D8-465F-95A7-54F75421FD95"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:southrivertech:titan_sftp_server:*:*:*:*:*:linux:*:*",
"versionEndExcluding": "2.0.18",
"matchCriteriaId": "B3EDB373-C26D-478D-9B44-D2D5A19276E5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:southrivertech:titan_sftp_server:*:*:*:*:*:windows:*:*",
"versionEndExcluding": "2.0.18",
"matchCriteriaId": "E6520883-8DE6-4682-8937-1E49573112EA"
}
]
}
]
}
],
"references": [
{
"url": "https://helpdesk.southrivertech.com/portal/en/kb/articles/security-patch-for-issues-cve-2023-45685-through-cve-2023-45690",
"source": "cve@rapid7.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.rapid7.com/blog/post/2023/10/16/multiple-vulnerabilities-in-south-river-technologies-titan-mft-and-titan-sftp-fixed/",
"source": "cve@rapid7.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}
Reference in New Issue View Git Blame Copy Permalink