Vulnerabilities > Accellion > Secure File Transfer Appliance > High

DATE	CVE	VULNERABILITY TITLE	RISK
2010-02-19	CVE-2009-4648	Permissions, Privileges, and Access Controls vulnerability in Accellion Secure File Transfer Appliance Accellion Secure File Transfer Appliance before 8_0_105 does not properly restrict access to sensitive commands and arguments that run with extra sudo privileges, which allows local administrators to gain privileges via (1) arbitrary arguments in the --file_move action in /usr/local/bin/admin.pl, or a hard link attack in (2) chmod or (3) a certain cp command. local low complexity accellion CWE-264	7.2
2010-02-19	CVE-2009-4645	Path Traversal vulnerability in Accellion Secure File Transfer Appliance Directory traversal vulnerability in web_client_user_guide.html in Accellion Secure File Transfer Appliance before 8_0_105 allows remote attackers to read arbitrary files via a .. network low complexity accellion CWE-22	7.8
2009-08-19	CVE-2008-7012	Unspecified vulnerability in Accellion Secure File Transfer Appliance 70135 courier/1000@/api_error_email.html (aka "error reporting page") in Accellion File Transfer Appliance FTA_7_0_178, and possibly other versions before FTA_7_0_189, allows remote attackers to send spam e-mail via modified description and client_email parameters. network low complexity accellion	7.8

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.