NVD Vulnerability Detail

Search Exploit, PoC

Exploit DB

NVD脆弱性検索トップ

->

NVD Vulnerability Detail

CVE-2024-9999

Summary	In WS_FTP Server versions before 8.8.9 (2022.0.9), an Incorrect Implementation of Authentication Algorithm in the Web Transfer Module allows users to skip the second-factor verification and log in with username and password only.
Publication Date	Nov. 13, 2024, 2:15 a.m.
Registration Date	Nov. 13, 2024, 5:01 a.m.
Last Update	Nov. 14, 2024, 2:01 a.m.

Related information, measures and tools

No	URL	refsource	タグ
1	https://community.progress.com/s/article/WS-FTP-Server-Service-Pack-November-2024
2	https://www.progress.com/ftp-server

Common Vulnerabilities List

No	CWE	Name	URL
1	CWE-303	認証アルゴリズム上の問題	https://cwe.mitre.org/data/definitions/303.html