← back
CVE-2023-2991

Fortra Globalscape Administration Server Information Disclosure

EPSS 0.6%CWE-200
Fortra Globalscape EFT's administration server suffers from an information disclosure vulnerability where the serial number of the harddrive that Globalscape is installed on can be remotely determined via a "trial extension request" message
Affected products
Fortra · Globalscape EFT

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://kb.globalscape.com/Knowledgebase/11589/Is-EFT-susceptible-to-the-Remotely-obtain-HDD-serial-number-vulnerabilityhttps://www.rapid7.com/blog/post/2023/06/22/multiple-vulnerabilities-in-fortra-globalscape-eft-administration-server-fixed/