Crushftp

CVEs Published

Based on CVE published date

Common Weaknesses

Access Vector (AV)

The access vector (AV) shows how a vulnerability may be exploited.

Access Complexity (AC)

The access complexity (AC) metric describes how easy or difficult it is to exploit the discovered vulnerability.

Authentication (Au)

The authentication (Au) metric describes the number of times that an attacker must authenticate to a target to exploit it. It does not include (for example) authentication to a network in order to gain access. For locally exploitable vulnerabilities, this value should only be set to Single or Multiple if further authentication is required after initial access.

Attack Vector (AV)

This metric reflects the context by which vulnerability exploitation is possible.

Attack Complexity (AC)

This metric depicts the situations that are not under the attackers control and are required to exploit vulnerability.

Privileges Required (PR)

This metric describes the level of privileges an attacker must possess before successfully exploiting the vulnerability.

User Interaction (UI)

This metric captures the requirement for a user, other than the attacker, to participate in the successful compromise the vulnerable component.

Scope (S)

This metric is a determination on whether a vulnerability in one system or component can have carry over impact on another system or component.

Confidentiality (C)

The confidentiality (C) metric describes the impact on the confidentiality of data processed by the system.

Integrity (I)

The Integrity (I) metric describes the impact on the integrity of the exploited system.

Availability (A)

The availability (A) metric describes the impact on the availability of the target system. Attacks that consume network bandwidth, processor cycles, memory or any other resources affect the availability of a system.

Confidentiality (C)

This metric measures the impact to the confidentiality of the information resources managed by a software component due to a successfully exploited vulnerability. Confidentiality refers to limiting information access and disclosure to only authorized users, as well as preventing access by, or disclosure to, unauthorized ones.

Integrity (I)

This metric measures the impact to integrity of a successfully exploited vulnerability. Integrity refers to the trustworthiness and veracity of information.

Availability (A)

This metric measures the impact to the availability of the impacted component resulting from a successfully exploited vulnerability. It refers to the loss of availability of the impacted component itself, such as a networked service (e.g., web, database, email). Since availability refers to the accessibility of information resources, attacks that consume network bandwidth, processor cycles, or disk space all impact the availability of an impacted component.

Title	CPE22	CPE23	Type	Vendor	Product	Version	Update	Edition	Language	SW Edition	Target SW	Target HW	Other
Title	CPE22	CPE23	Type	Vendor	Product	Version	Update	Edition	Language	SW Edition	Target SW	Target HW	Other

URL	Type
http://www.crushftp.com/version8.html	Version
https://convergetp.com/2023/11/16/crushftp-zero-day-cve-2023-43177-discovered/	Advisory
https://crushftp.com/version7.html	Version
https://github.com/the-emmons/CVE-Disclosures/blob/main/Pending/CrushFTP-2023-1.md	Advisory
https://vuldb.com/?id.147712	Advisory
https://www.crushftp.com/index.html	Vendor
https://www.crushftp.com/version10.html	Version
https://www.crushftp.com/version11.html	Version
https://www.crushftp.com/version6.html	Version
https://www.crushftp.com/version7.html	Version
https://www.crushftp.com/version8.html	Version
https://www.crushftp.com/version9.html	Version