PT-2020-20180 · Biscom · Biscom Secure File Transfer

Published: 2020-01-31 · Updated: 2020-02-05 · CVE-2020-8503

CVSS v3.1: 6.5 (Medium)

Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions

Biscom Secure File Transfer (SFT) versions 5.0.1050 through 5.1.1067
Biscom Secure File Transfer (SFT) versions 6.0.1000 through 6.0.1003

Description

The issue allows Insecure Direct Object Reference (IDOR) by an authenticated sender due to an error in a file-upload feature.

Recommendations

For versions 5.0.1050 through 5.1.1067, update to version 5.1.1068 to resolve the issue.
For versions 6.0.1000 through 6.0.1003, update to version 6.0.1004 to resolve the issue.

Fix

IDOR

Weakness Enumeration

Related Identifiers

CVE-2020-8503

Affected Products

Biscom Secure File Transfer