CVE-2023-45690 Information leak via default file permissions on Titan MFT and Titan SFTP servers

2023-10-1616:20:52

CWE-276

rapid7

www.cve.org

information leak

file permissions

titan mft

titan sftp

linux

authentication

5.5 Medium

AI Score

Confidence

High

0.0005 Low

EPSS

Percentile

18.1%

JSON

Default file permissions on South River Technologies’ Titan MFT and Titan SFTP servers on Linux allows a user that’s authentication to the OS to read sensitive files on the filesystem

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "platforms": [
      "Linux"
    ],
    "product": "Titan MFT",
    "vendor": "South River Technologies",
    "versions": [
      {
        "lessThanOrEqual": "2.0.17.2298",
        "status": "affected",
        "version": "0",
        "versionType": "semver"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "platforms": [
      "Linux"
    ],
    "product": "Titan SFTP",
    "vendor": "South River Technologies",
    "versions": [
      {
        "lessThanOrEqual": "2.0.17.2298",
        "status": "affected",
        "version": "0",
        "versionType": "semver"
      }
    ]
  }
]