5 matches found
CVE-2023-40060
A vulnerability has been identified within Serv-U 15.4 and 15.4 Hotfix 1 that, if exploited, allows an actor to bypass multi-factor/two-factor authentication. The actor must have administrator-level access to Serv-U to perform this action. 15.4. SolarWinds found that the issue was not completely...
SolarWinds Serv-U 15.4 < 15.4 HF2 Authentication Bypass
The version of SolarWinds Serv-U installed on the remote host is prior to 15.4 HF2. It is, therefore, affected by a vulnerability as referenced in the serv-u154hf2 advisory. - A vulnerability has been identified within Serv-U 15.4 that, if exploited, allows an actor to bypass...
CVE-2023-40060
creationtimestamp| type| source ---|---|--- 2023-09-07 20:18:47+00:00| seen| https://t.me/cibsecurity/70099...
CVE-2023-40060 2FA/MFA Bypass Vulnerability in Serv-U 15.4 and 15.4 Hotfix 1
A vulnerability has been identified within Serv-U 15.4 and 15.4 Hotfix 1 that, if exploited, allows an actor to bypass multi-factor/two-factor authentication. The actor must have administrator-level access to Serv-U to perform this action. 15.4. SolarWinds found that the issue was not completely...
CVE-2023-40060
Summary: CVE-2023-40060 affects SolarWinds Serv-U 15.4 and 15.4 Hotfix 1, allowing an administrator-level attacker to bypass MFA/MFA. The issue was not fully resolved by 15.4 Hotfix 1. Affected software & cause: Serv-U FTP Server (15.4 and 15.4 Hotfix 1). The root cause is an authentication bypas...