Biscom Secure File Transfer (SFT) 5.0.1050 through 5.1.1067 and 6.0.1000 through 6.0.1003 allows Insecure Direct Object Reference (IDOR) by an authenticated sender because of an error in a file-upload feature. This is fixed in 5.1.1068 and 6.0.1004.
CPE | Name | Operator | Version |
---|---|---|---|
secure_file_transfer | ge | 6.0.1000 | |
secure_file_transfer | le | 6.0.1003 | |
secure_file_transfer | ge | 5.0.1050 | |
secure_file_transfer | le | 5.1.1067 |