Vulnerabilities > CVE-2020-8503 - Authorization Bypass Through User-Controlled Key vulnerability in Biscom Secure File Transfer
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
SINGLE Confidentiality impact
PARTIAL Integrity impact
NONE Availability impact
NONE Summary
Biscom Secure File Transfer (SFT) 5.0.1050 through 5.1.1067 and 6.0.1000 through 6.0.1003 allows Insecure Direct Object Reference (IDOR) by an authenticated sender because of an error in a file-upload feature. This is fixed in 5.1.1068 and 6.0.1004.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 4 |