Common Key Vulnerability in Serv-U FTP Server 

(CVE-2021-35252)

Download PDF

Summary

Common encryption key is used across all deployed instances of Serv-U FTP Server. This could lead to a security risk relating to user accounts.

Affected Products

  • Serv-U 15.3.0 and earlier

Fixed Software Release

Acknowledgments

  • SecureWorks Disclosure Team

Advisory Details

Severity

6.5 Medium

Advisory ID

First Published

12/15/2022

Fixed Version

CVSS Score

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N