CVE-2023-45687 - OpenCVE

A session fixation vulnerability in South River Technologies' Titan MFT and Titan SFTP servers on Linux and Windows allows an attacker to bypass the server's authentication if they can trick an administrator into authorizating a session id of their choosing

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction Required

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Southrivertech	Titan Mft Server Titan Sftp Server

Configuration 1 [-]

OR	cpe:2.3:a:southrivertech:titan_mft_server::::::linux::*
	cpe:2.3:a:southrivertech:titan_mft_server::::::windows::*

Configuration 2 [-]

OR	cpe:2.3:a:southrivertech:titan_sftp_server::::::linux::*
	cpe:2.3:a:southrivertech:titan_sftp_server::::::windows::*

No data.

References

Link	Providers
https://helpdesk.southrivertech.com/portal/en/kb/articles/security-patch-for-issues-cve-2023-45685-through-cve-2023-45690
https://www.rapid7.com/blog/post/2023/10/16/multiple-vulnerabilities-in-south-river-technologies-titan-mft-and-titan-sftp-fixed/

History

No history.

MITRE

Status: PUBLISHED

Assigner: rapid7

Published: 2023-10-16T16:12:31.582Z

Updated: 2024-09-16T17:41:29.875Z

Reserved: 2023-10-10T19:07:28.771Z

Link: CVE-2023-45687

Vulnrichment

Updated: 2024-08-02T20:29:31.676Z

NVD

Status : Modified

Published: 2023-10-16T17:15:10.107

Modified: 2024-09-17T02:35:31.720

Link: CVE-2023-45687

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-45687", "assignerOrgId": "9974b330-7714-4307-a722-5648477acda7", "state": "PUBLISHED", "assignerShortName": "rapid7", "dateReserved": "2023-10-10T19:07:28.771Z", "datePublished": "2023-10-16T16:12:31.582Z", "dateUpdated": "2024-09-16T17:41:29.875Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "platforms": ["Linux", "Windows"], "product": "Titan MFT", "vendor": "South River Technologies", "versions": [{"lessThanOrEqual": "2.0.17.2298", "status": "affected", "version": "0", "versionType": "semver"}]}, {"defaultStatus": "unaffected", "platforms": ["Linux", "Windows"], "product": "Titan SFTP", "vendor": "South River Technologies", "versions": [{"lessThanOrEqual": "2.0.17.2298", "status": "affected", "version": "0", "versionType": "semver"}]}], "datePublic": "2023-10-16T15:00:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "A session fixation vulnerability in South River Technologies' Titan MFT and Titan SFTP servers on Linux and Windows allows an attacker to bypass the server's authentication if they can trick an administrator into authorizating a session id of their choosing"}], "value": "A session fixation vulnerability in South River Technologies' Titan MFT and Titan SFTP servers on Linux and Windows allows an attacker to bypass the server's authentication if they can trick an administrator into authorizating a session id of their choosing"}], "problemTypes": [{"descriptions": [{"cweId": "CWE-384", "description": "CWE-384 Session Fixation", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "9974b330-7714-4307-a722-5648477acda7", "shortName": "rapid7", "dateUpdated": "2023-10-16T16:12:31.582Z"}, "references": [{"url": "https://www.rapid7.com/blog/post/2023/10/16/multiple-vulnerabilities-in-south-river-technologies-titan-mft-and-titan-sftp-fixed/"}, {"url": "https://helpdesk.southrivertech.com/portal/en/kb/articles/security-patch-for-issues-cve-2023-45685-through-cve-2023-45690"}], "source": {"discovery": "UNKNOWN"}, "title": "Authentication bypass via session fixation in Titan MFT and Titan SFTP servers", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T20:29:31.676Z"}, "title": "CVE Program Container", "references": [{"url": "https://www.rapid7.com/blog/post/2023/10/16/multiple-vulnerabilities-in-south-river-technologies-titan-mft-and-titan-sftp-fixed/", "tags": ["x_transferred"]}, {"url": "https://helpdesk.southrivertech.com/portal/en/kb/articles/security-patch-for-issues-cve-2023-45685-through-cve-2023-45690", "tags": ["x_transferred"]}]}, {"affected": [{"vendor": "southrivertech", "product": "titan_mft_server", "cpes": ["cpe:2.3:a:southrivertech:titan_mft_server:*:*:*:*:*:linux:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThan": "2.0.18", "versionType": "custom"}]}, {"vendor": "southrivertech", "product": "titan_mft_server", "cpes": ["cpe:2.3:a:southrivertech:titan_mft_server:*:*:*:*:*:windows:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThan": "2.0.18", "versionType": "custom"}]}, {"vendor": "southrivertech", "product": "titan_sftp_server", "cpes": ["cpe:2.3:a:southrivertech:titan_sftp_server:*:*:*:*:*:linux:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThan": "2.0.18", "versionType": "custom"}]}, {"vendor": "southrivertech", "product": "titan_sftp_server", "cpes": ["cpe:2.3:a:southrivertech:titan_sftp_server:*:*:*:*:*:windows:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThan": "2.0.18", "versionType": "custom"}]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2024-09-16T17:39:28.123875Z", "id": "CVE-2023-45687", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-16T17:41:29.875Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://www.rapid7.com/blog/post/2023/10/16/multiple-vulnerabilities-in-south-river-technologies-titan-mft-and-titan-sftp-fixed/", "tags": ["x_transferred"]}, {"url": "https://helpdesk.southrivertech.com/portal/en/kb/articles/security-patch-for-issues-cve-2023-45685-through-cve-2023-45690", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T20:29:31.676Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2023-45687", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-09-16T17:39:28.123875Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:southrivertech:titan_mft_server:*:*:*:*:*:linux:*:*"], "vendor": "southrivertech", "product": "titan_mft_server", "versions": [{"status": "affected", "version": "0", "lessThan": "2.0.18", "versionType": "custom"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:a:southrivertech:titan_mft_server:*:*:*:*:*:windows:*:*"], "vendor": "southrivertech", "product": "titan_mft_server", "versions": [{"status": "affected", "version": "0", "lessThan": "2.0.18", "versionType": "custom"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:a:southrivertech:titan_sftp_server:*:*:*:*:*:linux:*:*"], "vendor": "southrivertech", "product": "titan_sftp_server", "versions": [{"status": "affected", "version": "0", "lessThan": "2.0.18", "versionType": "custom"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:a:southrivertech:titan_sftp_server:*:*:*:*:*:windows:*:*"], "vendor": "southrivertech", "product": "titan_sftp_server", "versions": [{"status": "affected", "version": "0", "lessThan": "2.0.18", "versionType": "custom"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-16T17:41:20.340Z"}}], "cna": {"title": "Authentication bypass via session fixation in Titan MFT and Titan SFTP servers", "source": {"discovery": "UNKNOWN"}, "affected": [{"vendor": "South River Technologies", "product": "Titan MFT", "versions": [{"status": "affected", "version": "0", "versionType": "semver", "lessThanOrEqual": "2.0.17.2298"}], "platforms": ["Linux", "Windows"], "defaultStatus": "unaffected"}, {"vendor": "South River Technologies", "product": "Titan SFTP", "versions": [{"status": "affected", "version": "0", "versionType": "semver", "lessThanOrEqual": "2.0.17.2298"}], "platforms": ["Linux", "Windows"], "defaultStatus": "unaffected"}], "datePublic": "2023-10-16T15:00:00.000Z", "references": [{"url": "https://www.rapid7.com/blog/post/2023/10/16/multiple-vulnerabilities-in-south-river-technologies-titan-mft-and-titan-sftp-fixed/"}, {"url": "https://helpdesk.southrivertech.com/portal/en/kb/articles/security-patch-for-issues-cve-2023-45685-through-cve-2023-45690"}], "x_generator": {"engine": "Vulnogram 0.1.0-dev"}, "descriptions": [{"lang": "en", "value": "A session fixation vulnerability in South River Technologies' Titan MFT and Titan SFTP servers on Linux and Windows allows an attacker to bypass the server's authentication if they can trick an administrator into authorizating a session id of their choosing", "supportingMedia": [{"type": "text/html", "value": "A session fixation vulnerability in South River Technologies' Titan MFT and Titan SFTP servers on Linux and Windows allows an attacker to bypass the server's authentication if they can trick an administrator into authorizating a session id of their choosing", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-384", "description": "CWE-384 Session Fixation"}]}], "providerMetadata": {"orgId": "9974b330-7714-4307-a722-5648477acda7", "shortName": "rapid7", "dateUpdated": "2023-10-16T16:12:31.582Z"}}}, "cveMetadata": {"cveId": "CVE-2023-45687", "state": "PUBLISHED", "dateUpdated": "2024-09-16T17:41:29.875Z", "dateReserved": "2023-10-10T19:07:28.771Z", "assignerOrgId": "9974b330-7714-4307-a722-5648477acda7", "datePublished": "2023-10-16T16:12:31.582Z", "assignerShortName": "rapid7"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:southrivertech:titan_mft_server:*:*:*:*:*:linux:*:*", "matchCriteriaId": "6F4EB0AE-8C4A-4FF6-AE00-D87C9719C6D7", "versionEndExcluding": "2.0.18", "vulnerable": true}, {"criteria": "cpe:2.3:a:southrivertech:titan_mft_server:*:*:*:*:*:windows:*:*", "matchCriteriaId": "2740E6FA-C5D8-465F-95A7-54F75421FD95", "versionEndExcluding": "2.0.18", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:southrivertech:titan_sftp_server:*:*:*:*:*:linux:*:*", "matchCriteriaId": "B3EDB373-C26D-478D-9B44-D2D5A19276E5", "versionEndExcluding": "2.0.18", "vulnerable": true}, {"criteria": "cpe:2.3:a:southrivertech:titan_sftp_server:*:*:*:*:*:windows:*:*", "matchCriteriaId": "E6520883-8DE6-4682-8937-1E49573112EA", "versionEndExcluding": "2.0.18", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A session fixation vulnerability in South River Technologies' Titan MFT and Titan SFTP servers on Linux and Windows allows an attacker to bypass the server's authentication if they can trick an administrator into authorizating a session id of their choosing"}, {"lang": "es", "value": "Una vulnerabilidad de fijaci\u00f3n de sesi\u00f3n en los servidores Titan MFT y Titan SFTP de South River Technologies en Linux y Windows permite a un atacante eludir la autenticaci\u00f3n del servidor si puede enga\u00f1ar a un administrador para que autorice una identificaci\u00f3n de sesi\u00f3n de su elecci\u00f3n."}], "id": "CVE-2023-45687", "lastModified": "2024-09-17T02:35:31.720", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2023-10-16T17:15:10.107", "references": [{"source": "cve@rapid7.com", "tags": ["Vendor Advisory"], "url": "https://helpdesk.southrivertech.com/portal/en/kb/articles/security-patch-for-issues-cve-2023-45685-through-cve-2023-45690"}, {"source": "cve@rapid7.com", "tags": ["Exploit", "Third Party Advisory"], "url": "https://www.rapid7.com/blog/post/2023/10/16/multiple-vulnerabilities-in-south-river-technologies-titan-mft-and-titan-sftp-fixed/"}], "sourceIdentifier": "cve@rapid7.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-384"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-384"}], "source": "cve@rapid7.com", "type": "Secondary"}]}