An information-disclosure vulnerability exists in Fortra's GoAnywhere MFT application prior to version 7.7.0 that allows external access to the resources in certain admin root folders.
History

Fri, 13 Dec 2024 18:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Fri, 13 Dec 2024 15:30:00 +0000

Type Values Removed Values Added
Description An information-disclosure vulnerability exists in Fortra's GoAnywhere MFT application prior to version 7.7.0 that allows external access to the resources in certain admin root folders.
Title Limited Information Disclosure in GoAnywhere MFT Prior to 7.7.0
Weaknesses CWE-200
CWE-425
References
Metrics cvssV3_1

{'score': 5.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N'}


cve-icon MITRE

Status: PUBLISHED

Assigner: Fortra

Published: 2024-12-13T15:22:31.536Z

Updated: 2024-12-13T17:35:32.342Z

Reserved: 2024-10-14T17:47:11.055Z

Link: CVE-2024-9945

cve-icon Vulnrichment

Updated: 2024-12-13T17:35:09.654Z

cve-icon NVD

Status : Received

Published: 2024-12-13T16:15:28.267

Modified: 2024-12-13T16:15:28.267

Link: CVE-2024-9945

cve-icon Redhat

No data.