Intrusion Prevention

Accellion.FTA.getStatus.verify_oauth_token.Command.Injection

Description

This indicates an attack attempt against a Remote Code Injection vulnerability in Accellion File Transfer.
The vulnerability is a result of the application's failure to properly sanitize user input. As a result, a remote attacker can send a crafted query to execute arbitrary code on a vulnerable server.

Affected Products

Accellion File Transfer version FTA_9_11_200 and prior

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Please contact the vendor at the website below for updates to resolve this issue.
https://www.accellion.com/support

CVE References

CVE-2015-2857