Lucene search

K
cvelistVulDBCVELIST:CVE-2024-1190
HistoryFeb 02, 2024 - 7:00 p.m.

CVE-2024-1190 Global Scape CuteFTP denial of service

2024-02-0219:00:06
CWE-404
VulDB
www.cve.org
global scape cuteftp
denial of service
vulnerability
local attack
disclosed exploit
vdb-252680

3.3 Low

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

5.7 Medium

AI Score

Confidence

High

1.7 Low

CVSS2

Access Vector

Access Complexity

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:L/AC:L/Au:S/C:N/I:N/A:P

0.0004 Low

EPSS

Percentile

5.1%

A vulnerability was found in Global Scape CuteFTP 9.3.0.3 and classified as problematic. Affected by this issue is some unknown functionality. The manipulation of the argument Host/Username/Password leads to denial of service. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-252680. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CNA Affected

[
  {
    "vendor": "Global Scape",
    "product": "CuteFTP",
    "versions": [
      {
        "version": "9.3.0.3",
        "status": "affected"
      }
    ]
  }
]

3.3 Low

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

5.7 Medium

AI Score

Confidence

High

1.7 Low

CVSS2

Access Vector

Access Complexity

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:L/AC:L/Au:S/C:N/I:N/A:P

0.0004 Low

EPSS

Percentile

5.1%

Related for CVELIST:CVE-2024-1190