File Transfer Appliance Security Vulnerabilities and Issues — File Transfer Appliance CVE List

Lucene search

AccellionFile Transfer Appliance

4 matches found

CVE•added 2016/05/07 2:59 p.m.•41 views

CVE-2016-2351

SQL injection vulnerability in home/seos/courier/security_key2.api on the Accellion File Transfer Appliance (FTA) before FTA_9_12_40 allows remote attackers to execute arbitrary SQL commands via the client_id parameter.

9.8CVSS9.9AI score0.00821EPSS

CVE•added 2016/05/07 2:59 p.m.•41 views

CVE-2016-2353

The Accellion File Transfer Appliance (FTA) before FTA_9_12_40 allows local users to add an SSH key to an arbitrary group, and consequently gain privileges, via unspecified vectors.

7.8CVSS8.4AI score0.00044EPSS

CVE•added 2016/05/07 2:59 p.m.•39 views

CVE-2016-2350

Multiple cross-site scripting (XSS) vulnerabilities on the Accellion File Transfer Appliance (FTA) before FTA_9_12_40 allow remote attackers to inject arbitrary web script or HTML via unspecified input to (1) getimageajax.php, (2) move_partition_frame.html, or (3) wmInfo.html.

6.1CVSS7.1AI score0.00295EPSS

CVE•added 2016/05/07 2:59 p.m.•39 views

CVE-2016-2352

The Accellion File Transfer Appliance (FTA) before FTA_9_12_40 allows remote authenticated users to execute arbitrary commands by leveraging the YUM_CLIENT restricted-user role.

8.8CVSS9.2AI score0.00992EPSS