CVE-2023-35179

CVSS 3.1 Score 7.2 of 10 (high)

Details

Published Aug 11, 2023

Updated: Sep 14, 2023

CWE ID 284

Summary

CVE-2023-35179: A critical vulnerability was discovered in Serv-U 15.4, allowing administrator-level attackers to bypass multi-factor or two-factor authentication. This vulnerability poses a significant risk to organizations relying on Serv-U for secure file transfers and requires immediate attention and patching. Successful exploitation grants unauthorized access to the affected system.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Serv-U

Affected Vendors

SolarWinds Inc.

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/rzlErP
https://www.cve.org/CVERecord?id=CVE-2023-35179
https://nvd.nist.gov/vuln/detail/CVE-2023-35179

Back to Vulnerability Database