CVE-2023-45687

Summary

A session fixation vulnerability in South River Technologies' Titan MFT and Titan SFTP servers on Linux and Windows allows an attacker to bypass the server's authentication if they can trick an administrator into authorizating a session id of their choosing

Affected Software

VendorProductVersion RangeStatus
South River TechnologiesTitan MFT0 <= 2.0.17.2298affected
South River TechnologiesTitan SFTP0 <= 2.0.17.2298affected

Weaknesses

  • CWE-384: CWE-384 Session Fixation

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References