cvelistv5 - CVE-2023-40047

CVE-2023-40047 (GCVE-0-2023-40047)

Vulnerability from cvelistv5

Published

2023-09-27 14:50

Modified

2024-09-24 14:36

Severity ?

8.3 (High) - CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

CWE

CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Summary

In WS_FTP Server version prior to 8.8.2, a stored cross-site scripting (XSS) vulnerability exists in WS_FTP Server's Management module. An attacker with administrative privileges could import a SSL certificate with malicious attributes containing cross-site scripting payloads. Once the cross-site scripting payload is successfully stored, an attacker could leverage this vulnerability to target WS_FTP Server admins with a specialized payload which results in the execution of malicious JavaScript within the context of the victims browser.

References

URL

Tags

security@progress.com	https://community.progress.com/s/article/WS-FTP-Server-Critical-Vulnerability-September-2023	Vendor Advisory
security@progress.com	https://www.progress.com/ws_ftp	Product
af854a3a-2127-422b-91ae-364da2661108	https://community.progress.com/s/article/WS-FTP-Server-Critical-Vulnerability-September-2023	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.progress.com/ws_ftp	Product

Impacted products

	Vendor	Product	Version
	Progress Software Corporation	WS_FTP Server	Version: 8.8.0 ≤

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T18:24:54.832Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "product",
              "x_transferred"
            ],
            "url": "https://www.progress.com/ws_ftp"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://community.progress.com/s/article/WS-FTP-Server-Critical-Vulnerability-September-2023"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:progress:ws_ftp_server:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "ws_ftp_server",
            "vendor": "progress",
            "versions": [
              {
                "lessThan": "8.8.2",
                "status": "affected",
                "version": "8.8.0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-40047",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-24T14:29:42.866762Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-24T14:36:57.450Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "affected",
          "modules": [
            "Server Manager"
          ],
          "product": "WS_FTP Server",
          "vendor": "Progress Software Corporation",
          "versions": [
            {
              "lessThan": "8.8.2",
              "status": "affected",
              "version": "8.8.0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "user": "00000000-0000-4000-9000-000000000000",
          "value": "Cristian Mocanu - Deloitte"
        }
      ],
      "datePublic": "2023-09-27T14:50:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\n\n\u003cp\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eIn WS_FTP Server version prior to 8.8.2,\u0026nbsp;\u003c/span\u003ea stored cross-site scripting (XSS) vulnerability exists in WS_FTP Server\u0027s Management module.  An attacker with administrative privileges could import a SSL certificate with malicious attributes containing cross-site scripting payloads.\u0026nbsp; Once the cross-site scripting payload is successfully stored,\u0026nbsp;\u0026nbsp;an attacker could leverage this vulnerability to target WS_FTP Server admins with a specialized payload which results in the execution of malicious JavaScript within the context of the victims browser.\n\n\u003c/p\u003e\n\n"
            }
          ],
          "value": "\n\n\nIn WS_FTP Server version prior to 8.8.2,\u00a0a stored cross-site scripting (XSS) vulnerability exists in WS_FTP Server\u0027s Management module.  An attacker with administrative privileges could import a SSL certificate with malicious attributes containing cross-site scripting payloads.\u00a0 Once the cross-site scripting payload is successfully stored,\u00a0\u00a0an attacker could leverage this vulnerability to target WS_FTP Server admins with a specialized payload which results in the execution of malicious JavaScript within the context of the victims browser.\n\n\n\n\n\n"
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-63",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-63 Cross-Site Scripting (XSS)"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.3,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-79",
              "description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-09-27T15:23:44.201Z",
        "orgId": "f9fea0b6-671e-4eea-8fde-31911902ae05",
        "shortName": "ProgressSoftware"
      },
      "references": [
        {
          "tags": [
            "product"
          ],
          "url": "https://www.progress.com/ws_ftp"
        },
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://community.progress.com/s/article/WS-FTP-Server-Critical-Vulnerability-September-2023"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "WS_FTP Server Stored Cross-Site Scripting Vulnerability",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f9fea0b6-671e-4eea-8fde-31911902ae05",
    "assignerShortName": "ProgressSoftware",
    "cveId": "CVE-2023-40047",
    "datePublished": "2023-09-27T14:50:55.329Z",
    "dateReserved": "2023-08-08T19:44:41.112Z",
    "dateUpdated": "2024-09-24T14:36:57.450Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2023-40047\",\"sourceIdentifier\":\"security@progress.com\",\"published\":\"2023-09-27T15:18:58.820\",\"lastModified\":\"2024-11-21T08:18:35.837\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"\\n\\n\\nIn WS_FTP Server version prior to 8.8.2,\u00a0a stored cross-site scripting (XSS) vulnerability exists in WS_FTP Server\u0027s Management module.  An attacker with administrative privileges could import a SSL certificate with malicious attributes containing cross-site scripting payloads.\u00a0 Once the cross-site scripting payload is successfully stored,\u00a0\u00a0an attacker could leverage this vulnerability to target WS_FTP Server admins with a specialized payload which results in the execution of malicious JavaScript within the context of the victims browser.\\n\\n\\n\\n\\n\\n\"},{\"lang\":\"es\",\"value\":\"En la versi\u00f3n del servidor WS_FTP anterior a la 8.8.2, existe una vulnerabilidad de Cross-Site Scripting (XSS) almacenada en el m\u00f3dulo de administraci\u00f3n del servidor WS_FTP. Un atacante con privilegios administrativos podr\u00eda importar un certificado SSL con atributos maliciosos que contengan payloads de Cross-Site Scripting. Una vez que el payload de Cross-Site Scripting se almacena con \u00e9xito, un atacante podr\u00eda aprovechar esta vulnerabilidad para atacar a los administradores del servidor WS_FTP con un payload especializado que resulta en la ejecuci\u00f3n de JavaScript malicioso dentro del contexto del navegador de la v\u00edctima.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security@progress.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H\",\"baseScore\":8.3,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.6,\"impactScore\":6.0},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N\",\"baseScore\":4.8,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"HIGH\",\"userInteraction\":\"REQUIRED\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":1.7,\"impactScore\":2.7}]},\"weaknesses\":[{\"source\":\"security@progress.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-79\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-79\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:progress:ws_ftp_server:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"8.8.2\",\"matchCriteriaId\":\"D83F473A-56DC-4CC4-8831-EA78D4DC1539\"}]}]}],\"references\":[{\"url\":\"https://community.progress.com/s/article/WS-FTP-Server-Critical-Vulnerability-September-2023\",\"source\":\"security@progress.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.progress.com/ws_ftp\",\"source\":\"security@progress.com\",\"tags\":[\"Product\"]},{\"url\":\"https://community.progress.com/s/article/WS-FTP-Server-Critical-Vulnerability-September-2023\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.progress.com/ws_ftp\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Product\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://www.progress.com/ws_ftp\", \"tags\": [\"product\", \"x_transferred\"]}, {\"url\": \"https://community.progress.com/s/article/WS-FTP-Server-Critical-Vulnerability-September-2023\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-02T18:24:54.832Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2023-40047\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-09-24T14:29:42.866762Z\"}}}], \"affected\": [{\"cpes\": [\"cpe:2.3:a:progress:ws_ftp_server:*:*:*:*:*:*:*:*\"], \"vendor\": \"progress\", \"product\": \"ws_ftp_server\", \"versions\": [{\"status\": \"affected\", \"version\": \"8.8.0\", \"lessThan\": \"8.8.2\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-09-24T14:36:33.469Z\"}}], \"cna\": {\"title\": \"WS_FTP Server Stored Cross-Site Scripting Vulnerability\", \"source\": {\"discovery\": \"UNKNOWN\"}, \"credits\": [{\"lang\": \"en\", \"type\": \"finder\", \"user\": \"00000000-0000-4000-9000-000000000000\", \"value\": \"Cristian Mocanu - Deloitte\"}], \"impacts\": [{\"capecId\": \"CAPEC-63\", \"descriptions\": [{\"lang\": \"en\", \"value\": \"CAPEC-63 Cross-Site Scripting (XSS)\"}]}], \"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"CHANGED\", \"version\": \"3.1\", \"baseScore\": 8.3, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"REQUIRED\", \"attackComplexity\": \"HIGH\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"Progress Software Corporation\", \"modules\": [\"Server Manager\"], \"product\": \"WS_FTP Server\", \"versions\": [{\"status\": \"affected\", \"version\": \"8.8.0\", \"lessThan\": \"8.8.2\", \"versionType\": \"semver\"}], \"defaultStatus\": \"affected\"}], \"datePublic\": \"2023-09-27T14:50:00.000Z\", \"references\": [{\"url\": \"https://www.progress.com/ws_ftp\", \"tags\": [\"product\"]}, {\"url\": \"https://community.progress.com/s/article/WS-FTP-Server-Critical-Vulnerability-September-2023\", \"tags\": [\"vendor-advisory\"]}], \"x_generator\": {\"engine\": \"Vulnogram 0.1.0-dev\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"\\n\\n\\nIn WS_FTP Server version prior to 8.8.2,\\u00a0a stored cross-site scripting (XSS) vulnerability exists in WS_FTP Server\u0027s Management module.  An attacker with administrative privileges could import a SSL certificate with malicious attributes containing cross-site scripting payloads.\\u00a0 Once the cross-site scripting payload is successfully stored,\\u00a0\\u00a0an attacker could leverage this vulnerability to target WS_FTP Server admins with a specialized payload which results in the execution of malicious JavaScript within the context of the victims browser.\\n\\n\\n\\n\\n\\n\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"\\n\\n\u003cp\u003e\\n\\n\u003cspan style=\\\"background-color: rgb(255, 255, 255);\\\"\u003eIn WS_FTP Server version prior to 8.8.2,\u0026nbsp;\u003c/span\u003ea stored cross-site scripting (XSS) vulnerability exists in WS_FTP Server\u0027s Management module.  An attacker with administrative privileges could import a SSL certificate with malicious attributes containing cross-site scripting payloads.\u0026nbsp; Once the cross-site scripting payload is successfully stored,\u0026nbsp;\u0026nbsp;an attacker could leverage this vulnerability to target WS_FTP Server admins with a specialized payload which results in the execution of malicious JavaScript within the context of the victims browser.\\n\\n\u003c/p\u003e\\n\\n\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-79\", \"description\": \"CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)\"}]}], \"providerMetadata\": {\"orgId\": \"f9fea0b6-671e-4eea-8fde-31911902ae05\", \"shortName\": \"ProgressSoftware\", \"dateUpdated\": \"2023-09-27T15:23:44.201Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2023-40047\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-09-24T14:36:57.450Z\", \"dateReserved\": \"2023-08-08T19:44:41.112Z\", \"assignerOrgId\": \"f9fea0b6-671e-4eea-8fde-31911902ae05\", \"datePublished\": \"2023-09-27T14:50:55.329Z\", \"assignerShortName\": \"ProgressSoftware\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

WID-SEC-W-2023-2506

Vulnerability from csaf_certbund

Published

2023-09-27 22:00

Modified

2023-10-03 22:00

Summary

Progress Software WS_FTP: Mehre Schwachstellen

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung

WS_FTP ist eine FTP (File Transfer Protocol) Software, die zur Übertragung von Dateien zwischen einem Client und einem Server über das Internet verwendet wird.

Angriff

Ein entfernter anonymer Angreifer kann mehrere Schwachstellen in Progress Software WS_FTP ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, Dateien zu manipulieren oder Cross-Site Scripting und Cross-Site Request Forgery Angriffe durchzuführen.

Betroffene Betriebssysteme

- Windows

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "hoch"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "WS_FTP ist eine FTP (File Transfer Protocol) Software, die zur \u00dcbertragung von Dateien zwischen einem Client und einem Server \u00fcber das Internet verwendet wird.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein entfernter anonymer Angreifer kann mehrere Schwachstellen in Progress Software WS_FTP ausnutzen, um beliebigen Code auszuf\u00fchren, vertrauliche Informationen offenzulegen, Dateien zu manipulieren oder Cross-Site Scripting und Cross-Site Request Forgery Angriffe durchzuf\u00fchren.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Windows",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2023-2506 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-2506.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2023-2506 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-2506"
      },
      {
        "category": "external",
        "summary": "Assetnote Security Research vom 2023-09-27",
        "url": "https://www.assetnote.io/resources/research/rce-in-progress-ws-ftp-ad-hoc-via-iis-http-modules-cve-2023-40044"
      },
      {
        "category": "external",
        "summary": "Progress Community Security Notification vom 2023-09-27",
        "url": "https://community.progress.com/s/article/WS-FTP-Server-Critical-Vulnerability-September-2023"
      }
    ],
    "source_lang": "en-US",
    "title": "Progress Software WS_FTP: Mehre Schwachstellen",
    "tracking": {
      "current_release_date": "2023-10-03T22:00:00.000+00:00",
      "generator": {
        "date": "2024-08-15T17:59:11.446+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.3.5"
        }
      },
      "id": "WID-SEC-W-2023-2506",
      "initial_release_date": "2023-09-27T22:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2023-09-27T22:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        },
        {
          "date": "2023-10-03T22:00:00.000+00:00",
          "number": "2",
          "summary": "Exploit aufgenommen"
        }
      ],
      "status": "final",
      "version": "2"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Progress Software WS_FTP \u003c 8.7.4",
                "product": {
                  "name": "Progress Software WS_FTP \u003c 8.7.4",
                  "product_id": "T030146",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:progress:ws_ftp:8.7.4"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Progress Software WS_FTP \u003c 8.8.2",
                "product": {
                  "name": "Progress Software WS_FTP \u003c 8.8.2",
                  "product_id": "T030147",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:progress:ws_ftp:8.8.2"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "WS_FTP"
          }
        ],
        "category": "vendor",
        "name": "Progress Software"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2023-42657",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in der Progress Software WS_FTP. Diese Fehler bestehen im Ad Hoc Transfer-Modul, in der Manager-Schnittstelle, im Management-Modul und im Progress Ipswitch aufgrund eines Directory Traversal, eines reflektierten Cross-Site Scripting, einer SQL-Injection, eines gespeicherten Cross-Site Scripting, eines fehlenden Cross-Site Request Forgery (CSRF) Schutzes. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, vertrauliche Informationen offenzulegen, Dateien zu manipulieren oder Cross-Site Scripting- und Cross-Site Request Forgery-Angriffe durchzuf\u00fchren."
        }
      ],
      "release_date": "2023-09-27T22:00:00.000+00:00",
      "title": "CVE-2023-42657"
    },
    {
      "cve": "CVE-2023-40049",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in der Progress Software WS_FTP. Diese Fehler bestehen im Ad Hoc Transfer-Modul, in der Manager-Schnittstelle, im Management-Modul und im Progress Ipswitch aufgrund eines Directory Traversal, eines reflektierten Cross-Site Scripting, einer SQL-Injection, eines gespeicherten Cross-Site Scripting, eines fehlenden Cross-Site Request Forgery (CSRF) Schutzes. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, vertrauliche Informationen offenzulegen, Dateien zu manipulieren oder Cross-Site Scripting- und Cross-Site Request Forgery-Angriffe durchzuf\u00fchren."
        }
      ],
      "release_date": "2023-09-27T22:00:00.000+00:00",
      "title": "CVE-2023-40049"
    },
    {
      "cve": "CVE-2023-40048",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in der Progress Software WS_FTP. Diese Fehler bestehen im Ad Hoc Transfer-Modul, in der Manager-Schnittstelle, im Management-Modul und im Progress Ipswitch aufgrund eines Directory Traversal, eines reflektierten Cross-Site Scripting, einer SQL-Injection, eines gespeicherten Cross-Site Scripting, eines fehlenden Cross-Site Request Forgery (CSRF) Schutzes. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, vertrauliche Informationen offenzulegen, Dateien zu manipulieren oder Cross-Site Scripting- und Cross-Site Request Forgery-Angriffe durchzuf\u00fchren."
        }
      ],
      "release_date": "2023-09-27T22:00:00.000+00:00",
      "title": "CVE-2023-40048"
    },
    {
      "cve": "CVE-2023-40047",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in der Progress Software WS_FTP. Diese Fehler bestehen im Ad Hoc Transfer-Modul, in der Manager-Schnittstelle, im Management-Modul und im Progress Ipswitch aufgrund eines Directory Traversal, eines reflektierten Cross-Site Scripting, einer SQL-Injection, eines gespeicherten Cross-Site Scripting, eines fehlenden Cross-Site Request Forgery (CSRF) Schutzes. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, vertrauliche Informationen offenzulegen, Dateien zu manipulieren oder Cross-Site Scripting- und Cross-Site Request Forgery-Angriffe durchzuf\u00fchren."
        }
      ],
      "release_date": "2023-09-27T22:00:00.000+00:00",
      "title": "CVE-2023-40047"
    },
    {
      "cve": "CVE-2023-40046",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in der Progress Software WS_FTP. Diese Fehler bestehen im Ad Hoc Transfer-Modul, in der Manager-Schnittstelle, im Management-Modul und im Progress Ipswitch aufgrund eines Directory Traversal, eines reflektierten Cross-Site Scripting, einer SQL-Injection, eines gespeicherten Cross-Site Scripting, eines fehlenden Cross-Site Request Forgery (CSRF) Schutzes. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, vertrauliche Informationen offenzulegen, Dateien zu manipulieren oder Cross-Site Scripting- und Cross-Site Request Forgery-Angriffe durchzuf\u00fchren."
        }
      ],
      "release_date": "2023-09-27T22:00:00.000+00:00",
      "title": "CVE-2023-40046"
    },
    {
      "cve": "CVE-2023-40045",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in der Progress Software WS_FTP. Diese Fehler bestehen im Ad Hoc Transfer-Modul, in der Manager-Schnittstelle, im Management-Modul und im Progress Ipswitch aufgrund eines Directory Traversal, eines reflektierten Cross-Site Scripting, einer SQL-Injection, eines gespeicherten Cross-Site Scripting, eines fehlenden Cross-Site Request Forgery (CSRF) Schutzes. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, vertrauliche Informationen offenzulegen, Dateien zu manipulieren oder Cross-Site Scripting- und Cross-Site Request Forgery-Angriffe durchzuf\u00fchren."
        }
      ],
      "release_date": "2023-09-27T22:00:00.000+00:00",
      "title": "CVE-2023-40045"
    },
    {
      "cve": "CVE-2023-40044",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in der Progress Software WS_FTP. Diese Fehler bestehen im Ad Hoc Transfer-Modul, in der Manager-Schnittstelle, im Management-Modul und im Progress Ipswitch aufgrund eines Directory Traversal, eines reflektierten Cross-Site Scripting, einer SQL-Injection, eines gespeicherten Cross-Site Scripting, eines fehlenden Cross-Site Request Forgery (CSRF) Schutzes. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, vertrauliche Informationen offenzulegen, Dateien zu manipulieren oder Cross-Site Scripting- und Cross-Site Request Forgery-Angriffe durchzuf\u00fchren."
        }
      ],
      "release_date": "2023-09-27T22:00:00.000+00:00",
      "title": "CVE-2023-40044"
    }
  ]
}

wid-sec-w-2023-2506

Vulnerability from csaf_certbund

Published

2023-09-27 22:00

Modified

2023-10-03 22:00

Summary

Progress Software WS_FTP: Mehre Schwachstellen

Notes

Produktbeschreibung

WS_FTP ist eine FTP (File Transfer Protocol) Software, die zur Übertragung von Dateien zwischen einem Client und einem Server über das Internet verwendet wird.

Angriff

Betroffene Betriebssysteme

- Windows

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "hoch"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "WS_FTP ist eine FTP (File Transfer Protocol) Software, die zur \u00dcbertragung von Dateien zwischen einem Client und einem Server \u00fcber das Internet verwendet wird.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein entfernter anonymer Angreifer kann mehrere Schwachstellen in Progress Software WS_FTP ausnutzen, um beliebigen Code auszuf\u00fchren, vertrauliche Informationen offenzulegen, Dateien zu manipulieren oder Cross-Site Scripting und Cross-Site Request Forgery Angriffe durchzuf\u00fchren.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Windows",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2023-2506 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-2506.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2023-2506 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-2506"
      },
      {
        "category": "external",
        "summary": "Assetnote Security Research vom 2023-09-27",
        "url": "https://www.assetnote.io/resources/research/rce-in-progress-ws-ftp-ad-hoc-via-iis-http-modules-cve-2023-40044"
      },
      {
        "category": "external",
        "summary": "Progress Community Security Notification vom 2023-09-27",
        "url": "https://community.progress.com/s/article/WS-FTP-Server-Critical-Vulnerability-September-2023"
      }
    ],
    "source_lang": "en-US",
    "title": "Progress Software WS_FTP: Mehre Schwachstellen",
    "tracking": {
      "current_release_date": "2023-10-03T22:00:00.000+00:00",
      "generator": {
        "date": "2024-08-15T17:59:11.446+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.3.5"
        }
      },
      "id": "WID-SEC-W-2023-2506",
      "initial_release_date": "2023-09-27T22:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2023-09-27T22:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        },
        {
          "date": "2023-10-03T22:00:00.000+00:00",
          "number": "2",
          "summary": "Exploit aufgenommen"
        }
      ],
      "status": "final",
      "version": "2"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Progress Software WS_FTP \u003c 8.7.4",
                "product": {
                  "name": "Progress Software WS_FTP \u003c 8.7.4",
                  "product_id": "T030146",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:progress:ws_ftp:8.7.4"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Progress Software WS_FTP \u003c 8.8.2",
                "product": {
                  "name": "Progress Software WS_FTP \u003c 8.8.2",
                  "product_id": "T030147",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:progress:ws_ftp:8.8.2"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "WS_FTP"
          }
        ],
        "category": "vendor",
        "name": "Progress Software"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2023-42657",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in der Progress Software WS_FTP. Diese Fehler bestehen im Ad Hoc Transfer-Modul, in der Manager-Schnittstelle, im Management-Modul und im Progress Ipswitch aufgrund eines Directory Traversal, eines reflektierten Cross-Site Scripting, einer SQL-Injection, eines gespeicherten Cross-Site Scripting, eines fehlenden Cross-Site Request Forgery (CSRF) Schutzes. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, vertrauliche Informationen offenzulegen, Dateien zu manipulieren oder Cross-Site Scripting- und Cross-Site Request Forgery-Angriffe durchzuf\u00fchren."
        }
      ],
      "release_date": "2023-09-27T22:00:00.000+00:00",
      "title": "CVE-2023-42657"
    },
    {
      "cve": "CVE-2023-40049",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in der Progress Software WS_FTP. Diese Fehler bestehen im Ad Hoc Transfer-Modul, in der Manager-Schnittstelle, im Management-Modul und im Progress Ipswitch aufgrund eines Directory Traversal, eines reflektierten Cross-Site Scripting, einer SQL-Injection, eines gespeicherten Cross-Site Scripting, eines fehlenden Cross-Site Request Forgery (CSRF) Schutzes. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, vertrauliche Informationen offenzulegen, Dateien zu manipulieren oder Cross-Site Scripting- und Cross-Site Request Forgery-Angriffe durchzuf\u00fchren."
        }
      ],
      "release_date": "2023-09-27T22:00:00.000+00:00",
      "title": "CVE-2023-40049"
    },
    {
      "cve": "CVE-2023-40048",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in der Progress Software WS_FTP. Diese Fehler bestehen im Ad Hoc Transfer-Modul, in der Manager-Schnittstelle, im Management-Modul und im Progress Ipswitch aufgrund eines Directory Traversal, eines reflektierten Cross-Site Scripting, einer SQL-Injection, eines gespeicherten Cross-Site Scripting, eines fehlenden Cross-Site Request Forgery (CSRF) Schutzes. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, vertrauliche Informationen offenzulegen, Dateien zu manipulieren oder Cross-Site Scripting- und Cross-Site Request Forgery-Angriffe durchzuf\u00fchren."
        }
      ],
      "release_date": "2023-09-27T22:00:00.000+00:00",
      "title": "CVE-2023-40048"
    },
    {
      "cve": "CVE-2023-40047",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in der Progress Software WS_FTP. Diese Fehler bestehen im Ad Hoc Transfer-Modul, in der Manager-Schnittstelle, im Management-Modul und im Progress Ipswitch aufgrund eines Directory Traversal, eines reflektierten Cross-Site Scripting, einer SQL-Injection, eines gespeicherten Cross-Site Scripting, eines fehlenden Cross-Site Request Forgery (CSRF) Schutzes. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, vertrauliche Informationen offenzulegen, Dateien zu manipulieren oder Cross-Site Scripting- und Cross-Site Request Forgery-Angriffe durchzuf\u00fchren."
        }
      ],
      "release_date": "2023-09-27T22:00:00.000+00:00",
      "title": "CVE-2023-40047"
    },
    {
      "cve": "CVE-2023-40046",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in der Progress Software WS_FTP. Diese Fehler bestehen im Ad Hoc Transfer-Modul, in der Manager-Schnittstelle, im Management-Modul und im Progress Ipswitch aufgrund eines Directory Traversal, eines reflektierten Cross-Site Scripting, einer SQL-Injection, eines gespeicherten Cross-Site Scripting, eines fehlenden Cross-Site Request Forgery (CSRF) Schutzes. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, vertrauliche Informationen offenzulegen, Dateien zu manipulieren oder Cross-Site Scripting- und Cross-Site Request Forgery-Angriffe durchzuf\u00fchren."
        }
      ],
      "release_date": "2023-09-27T22:00:00.000+00:00",
      "title": "CVE-2023-40046"
    },
    {
      "cve": "CVE-2023-40045",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in der Progress Software WS_FTP. Diese Fehler bestehen im Ad Hoc Transfer-Modul, in der Manager-Schnittstelle, im Management-Modul und im Progress Ipswitch aufgrund eines Directory Traversal, eines reflektierten Cross-Site Scripting, einer SQL-Injection, eines gespeicherten Cross-Site Scripting, eines fehlenden Cross-Site Request Forgery (CSRF) Schutzes. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, vertrauliche Informationen offenzulegen, Dateien zu manipulieren oder Cross-Site Scripting- und Cross-Site Request Forgery-Angriffe durchzuf\u00fchren."
        }
      ],
      "release_date": "2023-09-27T22:00:00.000+00:00",
      "title": "CVE-2023-40045"
    },
    {
      "cve": "CVE-2023-40044",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in der Progress Software WS_FTP. Diese Fehler bestehen im Ad Hoc Transfer-Modul, in der Manager-Schnittstelle, im Management-Modul und im Progress Ipswitch aufgrund eines Directory Traversal, eines reflektierten Cross-Site Scripting, einer SQL-Injection, eines gespeicherten Cross-Site Scripting, eines fehlenden Cross-Site Request Forgery (CSRF) Schutzes. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, vertrauliche Informationen offenzulegen, Dateien zu manipulieren oder Cross-Site Scripting- und Cross-Site Request Forgery-Angriffe durchzuf\u00fchren."
        }
      ],
      "release_date": "2023-09-27T22:00:00.000+00:00",
      "title": "CVE-2023-40044"
    }
  ]
}

gsd-2023-40047

Vulnerability from gsd

Modified

2023-12-13 01:20

Details

Aliases

CVE-2023-40047

Aliases

CVE-2023-40047

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2023-40047",
    "id": "GSD-2023-40047"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2023-40047"
      ],
      "details": "\n\n\nIn WS_FTP Server version prior to 8.8.2,\u00a0a stored cross-site scripting (XSS) vulnerability exists in WS_FTP Server\u0027s Management module.  An attacker with administrative privileges could import a SSL certificate with malicious attributes containing cross-site scripting payloads.\u00a0 Once the cross-site scripting payload is successfully stored,\u00a0\u00a0an attacker could leverage this vulnerability to target WS_FTP Server admins with a specialized payload which results in the execution of malicious JavaScript within the context of the victims browser.\n\n\n\n\n\n",
      "id": "GSD-2023-40047",
      "modified": "2023-12-13T01:20:44.075339Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "security@progress.com",
        "ID": "CVE-2023-40047",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "WS_FTP Server",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "not down converted",
                          "x_cve_json_5_version_data": {
                            "defaultStatus": "affected",
                            "versions": [
                              {
                                "lessThan": "8.8.2",
                                "status": "affected",
                                "version": "8.8.0",
                                "versionType": "semver"
                              }
                            ]
                          }
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "Progress Software Corporation"
            }
          ]
        }
      },
      "credits": [
        {
          "lang": "en",
          "value": "Cristian Mocanu - Deloitte"
        }
      ],
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "\n\n\nIn WS_FTP Server version prior to 8.8.2,\u00a0a stored cross-site scripting (XSS) vulnerability exists in WS_FTP Server\u0027s Management module.  An attacker with administrative privileges could import a SSL certificate with malicious attributes containing cross-site scripting payloads.\u00a0 Once the cross-site scripting payload is successfully stored,\u00a0\u00a0an attacker could leverage this vulnerability to target WS_FTP Server admins with a specialized payload which results in the execution of malicious JavaScript within the context of the victims browser.\n\n\n\n\n\n"
          }
        ]
      },
      "generator": {
        "engine": "Vulnogram 0.1.0-dev"
      },
      "impact": {
        "cvss": [
          {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.3,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H",
            "version": "3.1"
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "cweId": "CWE-79",
                "lang": "eng",
                "value": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://www.progress.com/ws_ftp",
            "refsource": "MISC",
            "url": "https://www.progress.com/ws_ftp"
          },
          {
            "name": "https://community.progress.com/s/article/WS-FTP-Server-Critical-Vulnerability-September-2023",
            "refsource": "MISC",
            "url": "https://community.progress.com/s/article/WS-FTP-Server-Critical-Vulnerability-September-2023"
          }
        ]
      },
      "source": {
        "discovery": "UNKNOWN"
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:progress:ws_ftp_server:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "8.8.2",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "security@progress.com",
          "ID": "CVE-2023-40047"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "\n\n\nIn WS_FTP Server version prior to 8.8.2,\u00a0a stored cross-site scripting (XSS) vulnerability exists in WS_FTP Server\u0027s Management module.  An attacker with administrative privileges could import a SSL certificate with malicious attributes containing cross-site scripting payloads.\u00a0 Once the cross-site scripting payload is successfully stored,\u00a0\u00a0an attacker could leverage this vulnerability to target WS_FTP Server admins with a specialized payload which results in the execution of malicious JavaScript within the context of the victims browser.\n\n\n\n\n\n"
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-79"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://community.progress.com/s/article/WS-FTP-Server-Critical-Vulnerability-September-2023",
              "refsource": "MISC",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://community.progress.com/s/article/WS-FTP-Server-Critical-Vulnerability-September-2023"
            },
            {
              "name": "https://www.progress.com/ws_ftp",
              "refsource": "MISC",
              "tags": [
                "Product"
              ],
              "url": "https://www.progress.com/ws_ftp"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 4.8,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "HIGH",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "exploitabilityScore": 1.7,
          "impactScore": 2.7
        }
      },
      "lastModifiedDate": "2023-09-27T19:58Z",
      "publishedDate": "2023-09-27T15:18Z"
    }
  }
}

fkie_cve-2023-40047

Vulnerability from fkie_nvd

Published

2023-09-27 15:18

Modified

2024-11-21 08:18

Severity ?

8.3 (High) - CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
4.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N

Summary

References

URL	Tags
security@progress.com	https://community.progress.com/s/article/WS-FTP-Server-Critical-Vulnerability-September-2023	Vendor Advisory
security@progress.com	https://www.progress.com/ws_ftp	Product
af854a3a-2127-422b-91ae-364da2661108	https://community.progress.com/s/article/WS-FTP-Server-Critical-Vulnerability-September-2023	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.progress.com/ws_ftp	Product

Impacted products

	Vendor	Product	Version
	progress	ws_ftp_server	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:progress:ws_ftp_server:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D83F473A-56DC-4CC4-8831-EA78D4DC1539",
              "versionEndExcluding": "8.8.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "\n\n\nIn WS_FTP Server version prior to 8.8.2,\u00a0a stored cross-site scripting (XSS) vulnerability exists in WS_FTP Server\u0027s Management module.  An attacker with administrative privileges could import a SSL certificate with malicious attributes containing cross-site scripting payloads.\u00a0 Once the cross-site scripting payload is successfully stored,\u00a0\u00a0an attacker could leverage this vulnerability to target WS_FTP Server admins with a specialized payload which results in the execution of malicious JavaScript within the context of the victims browser.\n\n\n\n\n\n"
    },
    {
      "lang": "es",
      "value": "En la versi\u00f3n del servidor WS_FTP anterior a la 8.8.2, existe una vulnerabilidad de Cross-Site Scripting (XSS) almacenada en el m\u00f3dulo de administraci\u00f3n del servidor WS_FTP. Un atacante con privilegios administrativos podr\u00eda importar un certificado SSL con atributos maliciosos que contengan payloads de Cross-Site Scripting. Una vez que el payload de Cross-Site Scripting se almacena con \u00e9xito, un atacante podr\u00eda aprovechar esta vulnerabilidad para atacar a los administradores del servidor WS_FTP con un payload especializado que resulta en la ejecuci\u00f3n de JavaScript malicioso dentro del contexto del navegador de la v\u00edctima."
    }
  ],
  "id": "CVE-2023-40047",
  "lastModified": "2024-11-21T08:18:35.837",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.3,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.6,
        "impactScore": 6.0,
        "source": "security@progress.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 4.8,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "LOW",
          "privilegesRequired": "HIGH",
          "scope": "CHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 1.7,
        "impactScore": 2.7,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2023-09-27T15:18:58.820",
  "references": [
    {
      "source": "security@progress.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://community.progress.com/s/article/WS-FTP-Server-Critical-Vulnerability-September-2023"
    },
    {
      "source": "security@progress.com",
      "tags": [
        "Product"
      ],
      "url": "https://www.progress.com/ws_ftp"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://community.progress.com/s/article/WS-FTP-Server-Critical-Vulnerability-September-2023"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Product"
      ],
      "url": "https://www.progress.com/ws_ftp"
    }
  ],
  "sourceIdentifier": "security@progress.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-79"
        }
      ],
      "source": "security@progress.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-79"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

ghsa-5829-ch6w-2w9q

Vulnerability from github

Published

2023-09-27 15:30

Modified

2024-04-04 07:52

Severity ?

8.3 (High) - CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

Details

In WS_FTP Server version 8.8.0 prior to 8.8.2, a stored cross-site scripting (XSS) vulnerability exists in WS_FTP Server's Management module. An attacker with administrative privileges could import a SSL certificate with malicious attributes containing cross-site scripting payloads. Once the cross-site scripting payload is successfully stored, an attacker could leverage this vulnerability to target WS_FTP Server admins with a specialized payload which results in the execution of malicious JavaScript within the context of the victims browser.

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2023-40047"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-79"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-09-27T15:18:58Z",
    "severity": "MODERATE"
  },
  "details": "\nIn WS_FTP Server version 8.8.0 prior to 8.8.2, a stored cross-site scripting (XSS) vulnerability exists in WS_FTP Server\u0027s Management module.  An attacker with administrative privileges could import a SSL certificate with malicious attributes containing cross-site scripting payloads.\u00a0 Once the cross-site scripting payload is successfully stored,\u00a0\u00a0an attacker could leverage this vulnerability to target WS_FTP Server admins with a specialized payload which results in the execution of malicious JavaScript within the context of the victims browser.\n\n\n\n\n\n",
  "id": "GHSA-5829-ch6w-2w9q",
  "modified": "2024-04-04T07:52:07Z",
  "published": "2023-09-27T15:30:35Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-40047"
    },
    {
      "type": "WEB",
      "url": "https://community.progress.com/s/article/WS-FTP-Server-Critical-Vulnerability-September-2023"
    },
    {
      "type": "WEB",
      "url": "https://www.progress.com/ws_ftp"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

CERTFR-2023-AVI-0793

Vulnerability from certfr_avis

De multiples vulnérabilités ont été découvertes dans Progress WS_FTP Server. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un contournement de la politique de sécurité et une atteinte à l'intégrité des données.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

	Vendor	Product	Description
	Progress	N/A	WS_FTP Server 2020.0.4 versions antérieures à 8.7.4
	Progress	N/A	WS_FTP Server 2022.0.2 versions antérieures à 8.8.2

References

Title

Publication Time

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2023-40047 (GCVE-0-2023-40047)

Vulnerability from cvelistv5

WID-SEC-W-2023-2506

Vulnerability from csaf_certbund

wid-sec-w-2023-2506

Vulnerability from csaf_certbund

gsd-2023-40047

Vulnerability from gsd

fkie_cve-2023-40047

Vulnerability from fkie_nvd

ghsa-5829-ch6w-2w9q

Vulnerability from github

CERTFR-2023-AVI-0793

Vulnerability from certfr_avis

Solution

Tags

Sightings

Nomenclature