{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-10T01:28:05.491","vulnerabilities":[{"cve":{"id":"CVE-2023-45687","sourceIdentifier":"cve@rapid7.com","published":"2023-10-16T17:15:10.107","lastModified":"2024-11-21T08:27:13.427","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A session fixation vulnerability in South River Technologies' Titan MFT and Titan SFTP servers on Linux and Windows allows an attacker to bypass the server's authentication if they can trick an administrator into authorizating a session id of their choosing"},{"lang":"es","value":"Una vulnerabilidad de fijación de sesión en los servidores Titan MFT y Titan SFTP de South River Technologies en Linux y Windows permite a un atacante eludir la autenticación del servidor si puede engañar a un administrador para que autorice una identificación de sesión de su elección."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}]},"weaknesses":[{"source":"cve@rapid7.com","type":"Secondary","description":[{"lang":"en","value":"CWE-384"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-384"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:southrivertech:titan_mft_server:*:*:*:*:*:linux:*:*","versionEndExcluding":"2.0.18","matchCriteriaId":"6F4EB0AE-8C4A-4FF6-AE00-D87C9719C6D7"},{"vulnerable":true,"criteria":"cpe:2.3:a:southrivertech:titan_mft_server:*:*:*:*:*:windows:*:*","versionEndExcluding":"2.0.18","matchCriteriaId":"2740E6FA-C5D8-465F-95A7-54F75421FD95"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:southrivertech:titan_sftp_server:*:*:*:*:*:linux:*:*","versionEndExcluding":"2.0.18","matchCriteriaId":"B3EDB373-C26D-478D-9B44-D2D5A19276E5"},{"vulnerable":true,"criteria":"cpe:2.3:a:southrivertech:titan_sftp_server:*:*:*:*:*:windows:*:*","versionEndExcluding":"2.0.18","matchCriteriaId":"E6520883-8DE6-4682-8937-1E49573112EA"}]}]}],"references":[{"url":"https://helpdesk.southrivertech.com/portal/en/kb/articles/security-patch-for-issues-cve-2023-45685-through-cve-2023-45690","source":"cve@rapid7.com","tags":["Vendor Advisory"]},{"url":"https://www.rapid7.com/blog/post/2023/10/16/multiple-vulnerabilities-in-south-river-technologies-titan-mft-and-titan-sftp-fixed/","source":"cve@rapid7.com","tags":["Exploit","Third Party Advisory"]},{"url":"https://helpdesk.southrivertech.com/portal/en/kb/articles/security-patch-for-issues-cve-2023-45685-through-cve-2023-45690","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"https://www.rapid7.com/blog/post/2023/10/16/multiple-vulnerabilities-in-south-river-technologies-titan-mft-and-titan-sftp-fixed/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}}]}