CVE-2023-2991

medium

Description

Fortra Globalscape EFT's administration server suffers from an information disclosure vulnerability where the serial number of the harddrive that Globalscape is installed on can be remotely determined via a "trial extension request" message

References

https://kb.globalscape.com/Knowledgebase/11589/Is-EFT-susceptible-to-the-Remotely-obtain-HDD-serial-number-vulnerability

Details

Source: Mitre, NVD

Published: 2023-06-22

Updated: 2023-06-30

Risk Information

CVSS v2

Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N

Severity: Medium

CVSS v3

Base Score: 5.3

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N