Lucene search

K
nessusThis script is Copyright (C) 2020-2024 and is owned by Tenable, Inc. or an Affiliate thereof.CITRIX_SHAREFILE_CONTROLLER_CVE-2020-7473.NBIN
HistoryJun 02, 2020 - 12:00 a.m.

ShareFile Documents Unauthenticated Access (CVE-2020-7473)

2020-06-0200:00:00
This script is Copyright (C) 2020-2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
23

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

5 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.006 Low

EPSS

Percentile

78.2%

Security issues have been identified in customer-managed Citrix ShareFile storage zone controllers. These vulnerabilities, if exploited, would allow an unauthenticated attacker to compromise the storage zones controller potentially giving an attacker the ability to access ShareFile users’ documents and folders.

Storage zones created using a vulnerable version of the storage zones controller are at risk even if the storage zones controller has been subsequently updated.

Binary data citrix_sharefile_controller_CVE-2020-7473.nbin
VendorProductVersionCPE
citrixsharefilecpe:/a:citrix:sharefile

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

5 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.006 Low

EPSS

Percentile

78.2%

Related for CITRIX_SHAREFILE_CONTROLLER_CVE-2020-7473.NBIN