Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Kiteworks MFT is vulnerable to an Incorrectly Specified Destination in a Communication Channel
Vulnerability Description
Kiteworks MFT orchestrates end-to-end file transfer workflows. Prior to version 9.1.0, the back-end of Kiteworks MFT is vulnerable to an incorrectly specified destination in a communication channel which allows an attacker with administrative privileges on the system under certain circumstances to intercept upstream communication which could lead to an escalation of privileges. This issue has been patched in version 9.1.0.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
通信信道中错误指定的目的地
Vulnerability Title
Kiteworks Mft 安全漏洞
Vulnerability Description
Kiteworks Mft是美国Kiteworks公司的一个安全管理内部和外部数据传输的软件。 Kiteworks MFT 9.1.0之前版本存在安全漏洞,该漏洞源于通信信道目标定义不当,可能导致权限提升。
CVSS Information
N/A
Vulnerability Type
N/A