PT-2026-28066 · Kiteworks · Kiteworks
Published
2026-03-25
·
Updated
2026-03-25
·
CVE-2026-23635
CVSS v3.1
6.5
Medium
| Vector | AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
Kiteworks versions prior to 9.2.1
Description
Kiteworks is a private data network (PDN). In Kiteworks Secure Data Forms, a misconfiguration of security attributes could potentially lead to the unprotected transport of credentials under certain circumstances.
Recommendations
Upgrade to Kiteworks version 9.2.1 or later.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Kiteworks