Security Advisory

CVE-2024-9999

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-11-12 16:33:00

Last updated 2024-11-12 17:19:06

Assigner ProgressSoftware

State PUBLISHED

Description

In WS_FTP Server versions before 8.8.9 (2022.0.9), an Incorrect Implementation of Authentication Algorithm in the Web Transfer Module allows users to skip the second-factor verification and log in with username and password only.

← Browse all CVEs View on cve.org ↗