ГлавнаяУязвимости → CVE-2025-14362
7.3высокая

CVE-2025-14362

Описание

The login limit is not enforced on the SFTP service of Fortra's GoAnywhere MFT prior to 7.10.0 if the Web User attempting to be logged in to is configured to log in with an SSH Key, making the SSH key vulnerable to being guessed via Brute Force.

Затрагиваемое ПО
Fortra Goanywhere managed file transfer
CVSS
Балл7.3 — высокая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Источники
https://fortra.com/security/advisories/product-security/FI-2026-002