{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-21T18:37:37.251","vulnerabilities":[{"cve":{"id":"CVE-2024-25157","sourceIdentifier":"df4dee71-de3a-4139-9588-11b62fe6c0ff","published":"2024-08-14T15:15:18.023","lastModified":"2024-08-19T18:57:58.657","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"An authentication bypass vulnerability in GoAnywhere MFT prior to 7.6.0 allows Admin Users with access to the Agent Console to circumvent some permission checks when attempting to visit other pages. This could lead to unauthorized information disclosure or modification."},{"lang":"es","value":"Una vulnerabilidad de omisión de autenticación en GoAnywhere MFT anterior a 7.6.0 permite a los usuarios administradores con acceso a la consola del agente omitir algunas comprobaciones de permisos cuando intentan visitar otras páginas. Esto podría dar lugar a la divulgación o modificación no autorizada de información."}],"metrics":{"cvssMetricV31":[{"source":"df4dee71-de3a-4139-9588-11b62fe6c0ff","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":1.2,"impactScore":5.2},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":1.2,"impactScore":5.2}]},"weaknesses":[{"source":"df4dee71-de3a-4139-9588-11b62fe6c0ff","type":"Secondary","description":[{"lang":"en","value":"CWE-303"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-287"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:fortra:goanywhere_managed_file_transfer:*:*:*:*:*:*:*:*","versionEndExcluding":"7.6.0","matchCriteriaId":"473E0873-F26C-4E9A-B58A-CF853E6F07DF"}]}]}],"references":[{"url":"https://www.fortra.com/security/advisories/product-security/fi-2024-009","source":"df4dee71-de3a-4139-9588-11b62fe6c0ff","tags":["Vendor Advisory"]}]}}]}