Common Key Vulnerability in Serv-U FTP Server (CVE-2021-35252)

Summary

Common encryption key is used across all deployed instances of Serv-U FTP Server. This could lead to a security risk relating to user accounts.

Affected Products

  • Serv-U 15.3.0 and earlier

Fixed Software Release

Acknowledgments

  • SecureWorks Disclosure Team
Advisory Details
Severity
Medium
Advisory ID

CVE-2021-35252

First Published
12/15/2022
Fixed Version

Serv-U 15.3.2

CVSS Score

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Download PDF
Send an Email