CVE-2023-24029

2023-02-0300:00:00

mitre

www.cve.org

cve-2023-24029

ws_ftp server

privilege elevation

7.2 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

38.1%

JSON

In Progress WS_FTP Server before 8.8, it is possible for a host administrator to elevate their privileges via the administrative interface due to insufficient authorization controls applied on user modification workflows.

References

community.progress.com/s/article/WS-FTP-Server-Critical-Security-Product-Alert-Bulletin-January-2023?popup=true

www.progress.com/ws_ftp