FKIE_CVE-2024-7744

Vulnerability from fkie_nvd - Published: 2024-08-28 17:15 - Updated: 2024-09-04 17:57
Severity ?
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Summary
In WS_FTP Server versions before 8.8.8 (2022.0.8), an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in the Web Transfer Module allows File Discovery, Probe System Files, User-Controlled Filename, Path Traversal.   An authenticated file download flaw has been identified where a user can craft an API call that allows them to download a file from an arbitrary folder on the drive where that user host's root folder is located (by default this is C:)
References
security@progress.comhttps://community.progress.com/s/article/WS-FTP-Server-Service-Pack-August-2024Vendor Advisory
security@progress.comhttps://www.progress.com/ftp-serverProduct
Impacted products
Vendor Product Version
progress ws_ftp_server *
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:progress:ws_ftp_server:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C8672E4-5F87-4A71-93F9-914643F56F4F",
              "versionEndExcluding": "8.8.8",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "In WS_FTP Server versions before 8.8.8 (2022.0.8), an Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027) vulnerability in the Web Transfer Module allows File Discovery, Probe System Files, User-Controlled Filename, Path Traversal.\n\u00a0\n\nAn authenticated file download flaw has been identified where a user can craft an API call that allows them to download a file from an arbitrary folder on the drive where that user host\u0027s root folder is located (by default this is C:)"
    },
    {
      "lang": "es",
      "value": "En las versiones de WS_FTP Server anteriores a la 8.8.8 (2022.0.8), una vulnerabilidad de limitaci\u00f3n incorrecta de una ruta de acceso a un directorio restringido (\"Path Traversal\") en el m\u00f3dulo de transferencia web permite el descubrimiento de archivos, el sondeo de archivos del sistema, el nombre de archivo controlado por el usuario y Path Traversal. Se ha identificado una falla de descarga de archivos autenticados en la que un usuario puede crear una llamada API que le permite descargar un archivo desde una carpeta arbitraria en la unidad donde se encuentra la carpeta ra\u00edz del host de ese usuario (de manera predeterminada, es C:)"
    }
  ],
  "id": "CVE-2024-7744",
  "lastModified": "2024-09-04T17:57:51.657",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 6.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 1.2,
        "impactScore": 5.2,
        "source": "security@progress.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 6.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2024-08-28T17:15:11.380",
  "references": [
    {
      "source": "security@progress.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://community.progress.com/s/article/WS-FTP-Server-Service-Pack-August-2024"
    },
    {
      "source": "security@progress.com",
      "tags": [
        "Product"
      ],
      "url": "https://www.progress.com/ftp-server"
    }
  ],
  "sourceIdentifier": "security@progress.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-22"
        },
        {
          "lang": "en",
          "value": "CWE-73"
        }
      ],
      "source": "security@progress.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-22"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.