Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
2FA/MFA Bypass Vulnerability in Serv-U 15.4 and 15.4 Hotfix 1
Vulnerability Description
A vulnerability has been identified within Serv-U 15.4 and 15.4 Hotfix 1 that, if exploited, allows an actor to bypass multi-factor/two-factor authentication. The actor must have administrator-level access to Serv-U to perform this action. 15.4. SolarWinds found that the issue was not completely fixed in 15.4 Hotfix 1.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
访问控制不恰当
Vulnerability Title
SolarWinds Serv-U FTP Server 访问控制错误漏洞
Vulnerability Description
SolarWinds Serv-U FTP Server是美国SolarWinds公司的一套FTP和MFT文件传输软件。 SolarWinds Serv-U FTP Server 15.4 HF2之前版本存在访问控制错误漏洞,该漏洞源于攻击者可以绕过多因素/双因素身份验证。
CVSS Information
N/A
Vulnerability Type
N/A