CrushFTP < 10.7.1 / 11.x < 11.1.0 サンドボックスエスケープ (CVE-2024-4040)

critical Nessus プラグイン ID 193818

バージョン 1.5

May 21, 2024, 9:20 AM

  • Exploit attributes ("Exploit framework core" set to "True")

Plugin Feed: 202405210920

バージョン 1.4

Apr 29, 2024, 9:06 AM

  • CVSS metrics ("CVSSv2 score" set to 10.0)
  • CVSS metrics ("CVSSv2 vector" set to "CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C")
  • CVSS metrics ("CVSSv3 score" set to 10.0)
  • CVSS metrics ("CVSSv3 vector" set to "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H")
  • CVSSv2 severity (based on CVE-2024-4040, severity increased from "Medium" to "High")

Plugin Feed: 202404290906

バージョン 1.3

Apr 25, 2024, 11:59 PM

  • CEA reference
  • Detection (adding linux detection support)

Plugin Feed: 202404252359

バージョン 1.3

Apr 26, 2024, 5:45 PM

  • New

Plugin Feed: 202404261745

バージョン 1.1

Apr 25, 2024, 5:31 AM

  • CISA reference
  • CVSS metrics ("CVSSv3 score" set to 9.8)
  • CVSS metrics ("CVSSv3 vector" set to "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H")
  • CVSS temporal metrics ("CVSSv2 temporal vector" set to "CVSS2#E:F/RL:OF/RC:C")
  • CVSS temporal metrics ("CVSSv3 temporal vector" set to "CVSS:3.0/E:F/RL:O/RC:C")
  • Exploit attributes ("Exploit available" set to "True")
  • Exploit attributes ("Exploitability ease" set to "Exploits are available")

Plugin Feed: 202404250531

バージョン 1.0

Apr 25, 2024, 12:03 AM

  • New

Plugin Feed: 202404250003

* Changelogs are generally available for changes made after Nov 1, 2022