{"dataType":"CVE_RECORD","dataVersion":"5.1","cveMetadata":{"cveId":"CVE-2023-2990","assignerOrgId":"9974b330-7714-4307-a722-5648477acda7","state":"PUBLISHED","assignerShortName":"rapid7","dateReserved":"2023-05-30T15:58:56.752Z","datePublished":"2023-06-22T19:17:28.531Z","dateUpdated":"2024-12-04T21:34:07.241Z"},"containers":{"cna":{"affected":[{"defaultStatus":"unaffected","platforms":["Windows"],"product":"Globalscape EFT","vendor":"Fortra","versions":[{"lessThan":"8.1.0.16","status":"affected","version":"8.0.0","versionType":"semver"}]}],"datePublic":"2023-06-22T17:00:00.000Z","descriptions":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"Fortra Globalscape EFT versions before 8.1.0.16 suffer from a denial of service vulnerability, where a compressed message that decompresses to itself can cause infinite recursion and crash the service<br>"}],"value":"Fortra Globalscape EFT versions before 8.1.0.16 suffer from a denial of service vulnerability, where a compressed message that decompresses to itself can cause infinite recursion and crash the service\n"}],"problemTypes":[{"descriptions":[{"cweId":"CWE-400","description":"CWE-400 Uncontrolled Resource Consumption","lang":"en","type":"CWE"}]}],"providerMetadata":{"orgId":"9974b330-7714-4307-a722-5648477acda7","shortName":"rapid7","dateUpdated":"2023-06-22T19:17:28.531Z"},"references":[{"url":"https://www.rapid7.com/blog/post/2023/06/22/multiple-vulnerabilities-in-fortra-globalscape-eft-administration-server-fixed/"},{"url":"https://kb.globalscape.com/Knowledgebase/11588/Is-EFT-susceptible-to-the-Denial-of-service-via-recursive-Deflate-Stream-vulnerability"}],"source":{"discovery":"UNKNOWN"},"title":"Fortra Globalscape Administration Server Denial of Service","x_generator":{"engine":"Vulnogram 0.1.0-dev"}},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-02T06:41:04.046Z"},"title":"CVE Program Container","references":[{"url":"https://www.rapid7.com/blog/post/2023/06/22/multiple-vulnerabilities-in-fortra-globalscape-eft-administration-server-fixed/","tags":["x_transferred"]},{"url":"https://kb.globalscape.com/Knowledgebase/11588/Is-EFT-susceptible-to-the-Denial-of-service-via-recursive-Deflate-Stream-vulnerability","tags":["x_transferred"]}]},{"metrics":[{"other":{"type":"ssvc","content":{"timestamp":"2024-12-04T21:33:57.351874Z","id":"CVE-2023-2990","options":[{"Exploitation":"poc"},{"Automatable":"yes"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2024-12-04T21:34:07.241Z"}}]}}