Lucene search
K
AccellionKiteworks Managed File Transfer*

4 matches found

CVE
CVE
added 2025/11/29 2:24 a.m.16 views

CVE-2025-53896

CVE-2025-53896 affects Kiteworks MFT prior to version 9.1.0. A bug could allow a user’s active session to fail to time out after inactivity under certain conditions. Red Hat and other sources confirm the issue and its patch in version 9.1.0. Impact details are limited to session expiration misbeh...

8.1CVSS6.4AI score0.0017EPSS
CVE
CVE
added 2025/11/29 2:25 a.m.16 views

CVE-2025-53899

CVE-2025-53899 affects Kiteworks MFT prior to version 9.1.0. The back-end suffers from an incorrectly specified destination in a communication channel, which could allow an attacker with administrative privileges to intercept upstream communication and potentially escalate privileges. The issue i...

7.2CVSS6.7AI score0.00819EPSS
CVE
CVE
added 2025/11/29 2:24 a.m.12 views

CVE-2025-53897

CVE-2025-53897 affects Kiteworks MFT prior to 9.1.0. A crafted fake page could trick an administrator into visiting it, allowing an external attacker to access log information from the system. The issue is resolved in version 9.1.0. Affected product/version details and remediation are supported b...

6.8CVSS6.4AI score0.00172EPSS
CVE
CVE
added 2025/11/29 2:25 a.m.12 views

CVE-2025-53900

Kiteworks MFT is affected by CVE-2025-53900 due to an improper definition of roles and permissions when managing Connections. Prior to version 9.1.0, this could allow an authorized user to escalate privileges within end-to-end file transfer workflows. The issue has been fixed in version 9.1.0. Af...

8.8CVSS6.7AI score0.00995EPSS