Vulnerability Details CVE-2023-24029
In Progress WS_FTP Server before 8.8, it is possible for a host administrator to elevate their privileges via the administrative interface due to insufficient authorization controls applied on user modification workflows.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 42.7%
CVSS Severity
CVSS v3 Score 7.2
References
- https://community.progress.com/s/article/WS-FTP-Server-Critical-Security-Product-Alert-Bulletin-January-2023?popup=true
- https://www.progress.com/ws_ftp
- https://community.progress.com/s/article/WS-FTP-Server-Critical-Security-Product-Alert-Bulletin-January-2023?popup=true
- https://www.progress.com/ws_ftp
Products affected by CVE-2023-24029
-
cpe:2.3:a:progress:ws_ftp_server:-
-
cpe:2.3:a:progress:ws_ftp_server:1.0.1
-
cpe:2.3:a:progress:ws_ftp_server:1.0.1.e
-
cpe:2.3:a:progress:ws_ftp_server:1.0.2
-
cpe:2.3:a:progress:ws_ftp_server:1.0.2.e
-
cpe:2.3:a:progress:ws_ftp_server:1.0.3
-
cpe:2.3:a:progress:ws_ftp_server:1.0.4
-
cpe:2.3:a:progress:ws_ftp_server:1.0.5
-
cpe:2.3:a:progress:ws_ftp_server:2.0
-
cpe:2.3:a:progress:ws_ftp_server:2.0.1
-
cpe:2.3:a:progress:ws_ftp_server:2.0.2
-
cpe:2.3:a:progress:ws_ftp_server:2.0.3
-
cpe:2.3:a:progress:ws_ftp_server:2.0.4
-
cpe:2.3:a:progress:ws_ftp_server:3.0
-
cpe:2.3:a:progress:ws_ftp_server:3.1
-
cpe:2.3:a:progress:ws_ftp_server:3.1.1
-
cpe:2.3:a:progress:ws_ftp_server:3.1.2
-
cpe:2.3:a:progress:ws_ftp_server:3.1.3
-
cpe:2.3:a:progress:ws_ftp_server:3.4
-
cpe:2.3:a:progress:ws_ftp_server:4.0
-
cpe:2.3:a:progress:ws_ftp_server:4.0.1
-
cpe:2.3:a:progress:ws_ftp_server:4.0.2
-
cpe:2.3:a:progress:ws_ftp_server:5.0.2
-
cpe:2.3:a:progress:ws_ftp_server:5.0.3
-
cpe:2.3:a:progress:ws_ftp_server:5.0.4
-
cpe:2.3:a:progress:ws_ftp_server:5.0.5
-
cpe:2.3:a:progress:ws_ftp_server:5.0.8
-
cpe:2.3:a:progress:ws_ftp_server:6.1.0.0
-
cpe:2.3:a:progress:ws_ftp_server:6.1.1
-
cpe:2.3:a:progress:ws_ftp_server:7.0
-
cpe:2.3:a:progress:ws_ftp_server:7.1
-
cpe:2.3:a:progress:ws_ftp_server:7.5
-
cpe:2.3:a:progress:ws_ftp_server:7.5.1
-
cpe:2.3:a:progress:ws_ftp_server:7.6
-
cpe:2.3:a:progress:ws_ftp_server:7.6.2
-
cpe:2.3:a:progress:ws_ftp_server:7.6.2.1
-
cpe:2.3:a:progress:ws_ftp_server:7.6.3
-
cpe:2.3:a:progress:ws_ftp_server:7.7
-
cpe:2.3:a:progress:ws_ftp_server:8.0
-
cpe:2.3:a:progress:ws_ftp_server:8.0.1
-
cpe:2.3:a:progress:ws_ftp_server:8.0.2
-
cpe:2.3:a:progress:ws_ftp_server:8.5
-
cpe:2.3:a:progress:ws_ftp_server:8.5.4
-
cpe:2.3:a:progress:ws_ftp_server:8.6
-
cpe:2.3:a:progress:ws_ftp_server:8.6.0
-
cpe:2.3:a:progress:ws_ftp_server:8.6.1
-
cpe:2.3:a:progress:ws_ftp_server:8.7
-
cpe:2.3:a:progress:ws_ftp_server:8.7.1
-
cpe:2.3:a:progress:ws_ftp_server:8.7.2
-
cpe:2.3:a:progress:ws_ftp_server:8.7.3
-
cpe:2.3:a:progress:ws_ftp_server:8.7.4
-
cpe:2.3:a:progress:ws_ftp_server:8.7.5
-
cpe:2.3:a:progress:ws_ftp_server:8.7.6