WS_FTP Server Information Disclosure via Directory Listing
CVE-2023-40049
5.3MEDIUM
Summary
In WS_FTP Server version prior to 8.8.2,
an unauthenticated user could enumerate files under the 'WebServiceHost' directory listing.
Affected Version(s)
WS_FTP Server 8.8.0
References
CVSS V3.1
Score:
5.3
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
None
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved
Collectors
NVD DatabaseMitre Database
Credit
Cristian Mocanu - Deloitte