
Accellion FTA Multiple Vulnerabilities (CVE-2016-9499, CVE-2016-9500)

Severity
CVSSv3 Score: 6.1
Vulnerability description

Accellion FTA is prone to multiple vulnerabilities

Risk description

Accellion FTA is prone to multiple vulnerabilities:

- Accellion FTP server only returns the username in the server response if the username is invalid. An attacker may use this information to determine valid user accounts and enumerate them. (CVE-2016-9499)
- Accellion FTP server uses the Accusoft Prizm Content flash component, which contains multiple parameters (customTabCategoryName, customButton1Image) that are vulnerable to cross-site scripting. (CVE-2016-9500)

Recommendation

Upgrade to version 9_12_220 or later

Codename: Not available
Detectable with: Network Scanner
Scan engine: OpenVAS
Exploitable with Sniper: No
CVE Published: Jul 13, 2018
Detection added at:
Software Type: Not available
Vendor: Not available
Product: Not available