Progress

Moveit Transfer

23 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.8

CVE-2025-2324

  • EPSS 0.03%
  • Published 19.03.2025 15:23:03
  • Last modified 31.07.2025 15:53:41

Improper Privilege Management vulnerability for users configured as Shared Accounts in Progress MOVEit Transfer (SFTP module) allows Privilege Escalation.This issue affects MOVEit Transfer: from 2023.1.0 before 2023.1.12, from 2024.0.0 before 2024.0....

9.8

CVE-2024-6576

  • EPSS 1.87%
  • Published 29.07.2024 14:15:04
  • Last modified 01.08.2025 20:39:00

Improper Authentication vulnerability in Progress MOVEit Transfer (SFTP module) can lead to Privilege Escalation.This issue affects MOVEit Transfer: from 2023.0.0 before 2023.0.12, from 2023.1.0 before 2023.1.7, from 2024.0.0 before 2024.0.3.

9.8

CVE-2024-5806

  • EPSS 89.42%
  • Published 25.06.2024 15:15:15
  • Last modified 16.01.2025 16:57:19

Improper Authentication vulnerability in Progress MOVEit Transfer (SFTP module) can lead to Authentication Bypass.This issue affects MOVEit Transfer: from 2023.0.0 before 2023.0.11, from 2023.1.0 before 2023.1.6, from 2024.0.0 before 2024.0.2.

4.3

CVE-2024-2291

  • EPSS 0.09%
  • Published 20.03.2024 15:15:08
  • Last modified 16.01.2025 18:02:45

In Progress MOVEit Transfer versions released before 2022.0.11 (14.0.11), 2022.1.12 (14.1.12), 2023.0.9 (15.0.9), 2023.1.4 (15.1.4), a logging bypass vulnerability has been discovered.  An authenticated user could manipulate a request to bypass the ...

7.1

CVE-2024-0396

  • EPSS 0.16%
  • Published 17.01.2024 16:15:46
  • Last modified 21.11.2024 08:46:29

In Progress MOVEit Transfer versions released before 2022.0.10 (14.0.10), 2022.1.11 (14.1.11), 2023.0.8 (15.0.8), 2023.1.3 (15.1.3), an input validation issue was discovered. An authenticated user can manipulate a parameter in an HTTPS transaction....

7.2

CVE-2023-6218

  • EPSS 0.09%
  • Published 29.11.2023 17:15:07
  • Last modified 21.11.2024 08:43:23

In Progress MOVEit Transfer versions released before 2022.0.9 (14.0.9), 2022.1.10 (14.1.10), 2023.0.7 (15.0.7), a privilege escalation path associated with group administrators has been identified.  It is possible for a group administrator to elevat...

6.1

CVE-2023-6217

  • EPSS 0.02%
  • Published 29.11.2023 17:15:07
  • Last modified 21.11.2024 08:43:23

In Progress MOVEit Transfer versions released before 2022.0.9 (14.0.9), 2022.1.10 (14.1.10), 2023.0.7 (15.0.7), a reflected cross-site scripting (XSS) vulnerability has been identified when MOVEit Gateway is used in conjunction with MOVEit Transfer....

8.8

CVE-2023-42660

  • EPSS 0.59%
  • Published 20.09.2023 17:15:11
  • Last modified 21.11.2024 08:22:54

In Progress MOVEit Transfer versions released before 2021.1.8 (13.1.8), 2022.0.8 (14.0.8), 2022.1.9 (14.1.9), 2023.0.6 (15.0.6), a SQL injection vulnerability has been identified in the MOVEit Transfer machine interface that could allow an authentic...

6.1

CVE-2023-42656

  • EPSS 0.02%
  • Published 20.09.2023 17:15:11
  • Last modified 21.11.2024 08:22:53

In Progress MOVEit Transfer versions released before 2021.1.8 (13.1.8), 2022.0.8 (14.0.8), 2022.1.9 (14.1.9), 2023.0.6 (15.0.6), a reflected cross-site scripting (XSS) vulnerability has been identified in MOVEit Transfer's web interface.  An attacke...

7.2

CVE-2023-40043

  • EPSS 0.47%
  • Published 20.09.2023 17:15:11
  • Last modified 21.11.2024 08:18:35

In Progress MOVEit Transfer versions released before 2021.1.8 (13.1.8), 2022.0.8 (14.0.8), 2022.1.9 (14.1.9), 2023.0.6 (15.0.6), a SQL injection vulnerability has been identified in the MOVEit Transfer web interface that could allow a MOVEit system ...