Robert Fisher

#19861of 53,633
13.1Total CVSS
Vulnerabilities · 2
Medium
1
High
1
PT-2022-8164
8.8
2022-02-14
Enterprisedb · Enterprisedt Completeftp · CVE-2019-16864
**Name of the Vulnerable Software and Affected Versions** EnterpriseDT CompleteFTP versions prior to 12.1.4 **Description** The issue allows for Remote Code Execution by leveraging a Windows user account that has SSH access. The `exec` command is always run as `SYSTEM`. **Recommendations** For versions prior to 12.1.4, update to version 12.1.4 or later to resolve the issue. As a temporary workaround, consider restricting SSH access to trusted users only until a patch is applied.
PT-2019-14520
4.3
2019-10-01
Enterprisedb · Enterprisedt Completeftp Server · CVE-2019-16116
**Name of the Vulnerable Software and Affected Versions** EnterpriseDT CompleteFTP Server versions prior to 12.1.3 **Description** The issue allows an attacker to obtain the administrator password hash due to information exposure in the Bootstrap.log file. **Recommendations** For EnterpriseDT CompleteFTP Server versions prior to 12.1.3, update to version 12.1.3 or later to resolve the issue.