CVE-2023-2991— Fortra Globalscape Administration Server Information Disclosure
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2023-2991
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Fortra Globalscape Administration Server Information Disclosure
Source: NVD (National Vulnerability Database)
Vulnerability Description
Fortra Globalscape EFT's administration server suffers from an information disclosure vulnerability where the serial number of the harddrive that Globalscape is installed on can be remotely determined via a "trial extension request" message
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
信息暴露
Source: NVD (National Vulnerability Database)
Vulnerability Title
Globalscape Enhanced File Transfer 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Globalscape Enhanced File Transfer(Globalscape EFT)是美国Globalscape公司的一流的托管文件传输(MFT)解决方案。 Globalscape Enhanced File Transfer 8.1.0.16 之前版本存在安全漏洞,该漏洞源于存在信息泄露漏洞,可以远程确定硬盘的序列号。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| Fortra | Globalscape EFT | 8.0.0 | - |
II. Public POCs for CVE-2023-2991
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2023-2991
请登录查看更多情报信息。
Same Patch Batch · Fortra · 2023-06-22 · 3 CVEs total
| CVE-2023-2990 | Fortra Globalscape Administration Server Denial of Service | |
| CVE-2023-2989 | Fortra Globalscape Administration Server Out of Bounds Memory Read |
IV. Related Vulnerabilities
Same vendor: Fortra
- CVE-2026-1089
User‑Controlled HTTP Header In Fortra's GoAnywhere MFT Allow - CVE-2026-0972
HTML Injection possible in system generated emails in Fortra - CVE-2026-0971
GoAnywhere MFT SAML Sessions do not redirect to logout URL o - CVE-2025-14362
GoAnywhere MFT SFTP Service Login Vulnerable to Brute Force - CVE-2025-1241
Encryption vulnerable to brute-force decryption in GoAnywher
Same weakness: CWE-200
- CVE-2026-42333
quarkus-openapi-generator has overly broad path-parameter ma - CVE-2026-8198
Activity Logs, User Activity Tracking, Multisite Activity Lo - CVE-2026-42456
AnythingLLM: Cross-User TTS Audio Disclosure via Chat ID (ID - CVE-2026-41520
Cillium exposes sensitive information included in the cilium - CVE-2026-25199
Apache CloudStack: Proxmox Extension Allows Unauthorized Cro
V. Comments for CVE-2023-2991
No comments yet