In WS_FTP Server versions before 8.8.9 (2022.0.9), an Incorrect Implementation of Authentication Algorithm in the Web Transfer Module allows users to skip the second-factor verification and log in with username and password only.
Metrics
Affected Vendors & Products
References
History
Tue, 12 Nov 2024 18:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Progress Software
Progress Software ws Ftp Server |
|
CPEs | cpe:2.3:a:progress_software:ws_ftp_server:*:*:*:*:*:*:*:* | |
Vendors & Products |
Progress Software
Progress Software ws Ftp Server |
|
Metrics |
ssvc
|
Tue, 12 Nov 2024 16:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | In WS_FTP Server versions before 8.8.9 (2022.0.9), an Incorrect Implementation of Authentication Algorithm in the Web Transfer Module allows users to skip the second-factor verification and log in with username and password only. | |
Title | Multi-Factor Authentication Bypass in Progress WS_FTP Server | |
Weaknesses | CWE-303 | |
References |
| |
Metrics |
cvssV3_1
|
MITRE
Status: PUBLISHED
Assigner: ProgressSoftware
Published: 2024-11-12T16:33:00.600Z
Updated: 2024-11-12T17:19:06.940Z
Reserved: 2024-10-15T14:12:52.968Z
Link: CVE-2024-9999
Vulnrichment
Updated: 2024-11-12T17:18:52.988Z
NVD
Status : Awaiting Analysis
Published: 2024-11-12T17:15:12.013
Modified: 2024-11-13T17:01:58.603
Link: CVE-2024-9999
Redhat
No data.