CNNVD-202511-3047 Information

CNNVD ID

CNNVD-202511-3047

Related CVE

CVE-2025-53896

• CNNVD Published: 2025-11-29

Description (Chinese)

Kiteworks Mft是美国Kiteworks公司的一个安全管理内部和外部数据传输的软件。 Kiteworks Mft 9.1.0之前版本存在代码问题漏洞，该漏洞源于会话超时机制不当，可能导致会话持续有效。

Description (English)

Kiteworks Mft is a software for the secure management of internal and external data transmissions by the United States company Kiteworks. There was a code problem loophole in the pre-Kiteworks Mft 9.1.0 version, which stemmed from inappropriate meeting time-out mechanisms that could lead to the continued validity of the session.

Hazard Level

High

Vulnerability Type

代码问题

Affected Vendor

Kiteworks

Published

2025-11-29

Last Modified

2026-02-24

References

https://github.com/kiteworks/security-advisories/security/advisories/GHSA-23h2-3jj8-58hm https://access.redhat.com/security/cve/cve-2025-53896

Patch

https://www.kiteworks.com/platform/simple/managed-file-transfer/