← Zuruck zu CVEs
CVE-2025-14362
HIGH7.3
Beschreibung
The login limit is not enforced on the SFTP service of Fortra's GoAnywhere MFT prior to 7.10.0 if the Web User attempting to be logged in to is configured to log in with an SSH Key, making the SSH key vulnerable to being guessed via Brute Force.
CVE Details
CVSS v3.1 Bewertung7.3
SchweregradHIGH
CVSS VektorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
AngriffsvektorNETWORK
KomplexitatLOW
Erforderliche PrivilegienNONE
BenutzerinteraktionNONE
Veroffentlicht4/21/2026
Zuletzt geandert4/23/2026
Quellenvd
Honeypot-Sichtungen0
Betroffene Produkte
fortra:goanywhere_managed_file_transfer
Schwachen (CWE)
CWE-307
Referenzen
https://fortra.com/security/advisories/product-security/FI-2026-002(df4dee71-de3a-4139-9588-11b62fe6c0ff)
IOC Korrelationen
Keine Korrelationen erfasst
This product uses data from the NVD API but is not endorsed or certified by the NVD.