8.2
CVE-2025-10932
- EPSS 0.02%
- Veröffentlicht 29.10.2025 14:12:33
- Zuletzt bearbeitet 15.04.2026 00:35:42
- Quelle security@progress.com
- CVE-Watchlists
- Unerledigt
AS2 module allows uncontrolled file uploads
Uncontrolled Resource Consumption vulnerability in Progress MOVEit Transfer (AS2 module).This issue affects MOVEit Transfer: from 2025.0.0 before 2025.0.3, from 2024.1.0 before 2024.1.7, from 2023.1.0 before 2023.1.16.
Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).
HerstellerProgress
≫
Produkt
MOVEit Transfer
Default Statusunaffected
Version
2025.0.0
Version <
2025.0.3
Status
affected
Version
2024.1.0
Version <
2024.1.7
Status
affected
Version
2023.1.0
Version <
2023.1.16
Status
affected
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. 
Login
Login| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.02% | 0.058 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| security@progress.com | 8.2 | 3.9 | 4.2 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
|
CWE-400 Uncontrolled Resource Consumption
The product does not properly control the allocation and maintenance of a limited resource, thereby enabling an actor to influence the amount of resources consumed, eventually leading to the exhaustion of available resources.