CVE-2022-24110

Kiteworks MFT 7.5 may allow an unauthorized user to reset other users' passwords. This is fixed in version 7.6 and later.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
6.5 MEDIUM
NETWORK
LOW
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 51%
VendorProductVersion
accellionmanaged_file_transfer
𝑥
< 7.6
𝑥
= Vulnerable software versions
References
https://github.com/accellion/CVEs/blob/main/CVE-2022-24110.txt
https://www.kiteworks.com/platform/simple/managed-file-transfer/
https://github.com/accellion/CVEs/blob/main/CVE-2022-24110.txt
https://www.kiteworks.com/platform/simple/managed-file-transfer/