Lucene search

INCDCVELIST:CVE-2022-46370

HistoryJan 12, 2023 - 12:00 a.m.

CVE-2022-46370 Rumpus - FTP server Improper Token Verification

2023-01-1200:00:00

INCD

www.cve.org

rumpus

ftp server

version 9.0.7.1

token verification

vulnerability

bypassing identity

7.3 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

0.001 Low

EPSS

Percentile

31.0%

JSON

Rumpus - FTP server version 9.0.7.1 Improper Token Verification– vulnerability may allow bypassing identity verification.

CNA Affected

[
  {
    "vendor": "Rumpus",
    "product": "FTP server",
    "versions": [
      {
        "version": "latest",
        "status": "affected",
        "lessThan": "9.0.7.1*",
        "versionType": "custom"
      }
    ]
  }
]

References

www.gov.il/en/Departments/faq/cve_advisories

7.3 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

0.001 Low

EPSS

Percentile

31.0%

JSON

Related for CVELIST:CVE-2022-46370