FI-2024-014 - Limited Information Disclosure in GoAnywhere MFT Prior to 7.7.0
Severity
Medium
Published Date
13-Dec-2024
Updated Date
13-Dec-2024
Vulnerabilities
CVE-2024-9945
Notes
Description
An information-disclosure vulnerability exists in Fortra's GoAnywhere MFT application prior to version 7.7.0 that allows external access to the resources in certain admin root folders.
NOTE: By default, these folders don't typically contain any sensitive data.
Vulnerabilities
References
Acknowledgements
Fortra would like to thank the following individuals:
- xiao xiong