CVE-2022-24110

Kiteworks MFT 7.5 may allow an unauthorized user to reset other users' passwords. This is fixed in version 7.6 and later.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
6.5 MEDIUM
NETWORK
LOW
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
Affected Products (NVD)
VendorProductVersion
accellionmanaged_file_transfer
𝑥
< 7.6
𝑥
= Vulnerable software versions
References
https://github.com/accellion/CVEs/blob/main/CVE-2022-24110.txt
https://www.kiteworks.com/platform/simple/managed-file-transfer/
https://github.com/accellion/CVEs/blob/main/CVE-2022-24110.txt
https://www.kiteworks.com/platform/simple/managed-file-transfer/