Statements (20)
| Predicate | Object |
|---|---|
| gptkbp:instanceOf |
CVE Identifier
|
| gptkbp:access |
No
|
| gptkbp:affects |
gptkb:GoAnywhere_MFT
|
| gptkbp:describes |
GoAnywhere MFT before 7.1.2 allows remote code execution via a pre-authentication command injection vulnerability.
|
| gptkbp:discoveredBy |
gptkb:Horizon3.ai
|
| gptkbp:exploitableRemotely |
Yes
|
| gptkbp:fixes |
GoAnywhere MFT 7.1.2
|
| gptkbp:hasCVSSScore |
9.8
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
| gptkbp:hasCWE |
gptkb:CWE-77
|
| gptkbp:hasPatchAvailable |
Yes
|
| gptkbp:hasSeverity |
High
|
| gptkbp:hasType |
Remote Code Execution
Command Injection |
| https://www.w3.org/2000/01/rdf-schema#label |
CVE-2023-35708
|
| gptkbp:publishedIn |
2023-06-01
|
| gptkbp:referencedIn |
https://www.horizon3.ai/goanywhere-mft-pre-auth-command-injection-cve-2023-35708/
https://nvd.nist.gov/vuln/detail/CVE-2023-35708 |
| gptkbp:bfsParent |
gptkb:MOVEit
|
| gptkbp:bfsLayer |
6
|