CVE-2023-2991

CVE-2023-2991: Fortra Globalscape Administration Server Information Disclosure

Vendor Fortra

Product Globalscape EFT

Weakness CWE-200 · Info exposure

Published June 22, 2023

Last update December 6, 2024

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

01Description

Fortra Globalscape EFT's administration server suffers from an information disclosure vulnerability where the serial number of the harddrive that Globalscape is installed on can be remotely determined via a "trial extension request" message

Key dates

02Disclosure timeline

June 22, 2023 CVE published

December 6, 2024 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2023-2991 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/200.html

Related vulnerabilities

04Related CVE

CVE-2024-8913 The Plus Addons for Elementor – Elementor Addons, Page Templates, Widgets, Mega Menu, WooCommerce <= 5.6.11 - Authenticated (Contributor+) Sensitive Information Exposure via content_template CVE-2023-48333 WordPress Booster for WooCommerce Plugin <= 7.1.1 is vulnerable to Sensitive Data Exposure CVE-2024-41700 Barix – CWE-200 Exposure of Sensitive Information to an Unauthorized Actor CVE-2025-10093 D-Link DIR-852 Device Configuration getcfg.php phpcgi_main information disclosure CVE-2023-24881 Microsoft Teams Information Disclosure Vulnerability