← voltar
CVE-2025-53896

Kiteworks MFT is vulnerable to Insufficient Session Expiration

CVSS 7.1 HIGHEPSS 0.2%CWE-613
Kiteworks MFT orchestrates end-to-end file transfer workflows. Prior to version 9.1.0, a bug in Kiteworks MFT could cause under certain circumstances that a user's active session would not properly time out due to inactivity. This issue has been patched in version 9.1.0.
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
Produtos afetados
kiteworks · security-advisories

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://github.com/kiteworks/security-advisories/security/advisories/GHSA-23h2-3jj8-58hm