MFA/2FA Bypass Vulnerability in Serv-U 15.4 (CVE-2023-35179)

Security Advisory Summary

A vulnerability has been identified within Serv-U 15.4 that, if exploited, allows an actor to bypass multi-factor/two-factor authentication. The actor must have administrator-level access to Serv-U to perform this action.

Affected Products

Serv-U 15.4

Fixed Software Release

Serv-U 15.4 HF1

Advisory Details

Severity

Medium

Advisory ID

CVE-2023-35179

First Published

08/04/2023

Last Published

08/04/2023

Fixed Version

Serv-U 15.4 HF1

CVSS Score

CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

Download PDF

Send an Email