CVE-2023-40048
CVSS V2 None
CVSS V3 None
Description
In WS_FTP Server version prior to 8.8.2,
the WS_FTP Server Manager interface was missing cross-site request forgery (CSRF) protection on a POST transaction corresponding to a WS_FTP Server administrative function.
Overview
- CVE ID
- CVE-2023-40048
- Assigner
- ProgressSoftware
- Vulnerability Status
- PUBLISHED
- Published Version
- 2023-09-27T14:51:35.413Z
- Last Modified Date
- 2023-09-27T15:23:59.241Z
Weakness Enumerations
References
| Reference URL | Reference Tags |
|---|---|
| https://www.progress.com/ws_ftp | product |
| https://community.progress.com/s/article/WS-FTP-Server-Critical-Vulnerability-September-2023 | vendor-advisory |
Sources
| Source Name | Source URL |
|---|---|
| NIST | https://nvd.nist.gov/vuln/detail/CVE-2023-40048 |
| MITRE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-40048 |
History
| Created | Old Value | New Value | Data Type | Notes |
|---|---|---|---|---|
| 2024-06-25 02:37:01 | Added to TrackCVE |