Lucene search
K

The vulnerability of the software for processing and transmitting confidential data in Progress MOVEit Transfer arises from the lack of measures taken to protect the SQL query structure. This allows attackers to circumvent security restrictions, execute arbitrary SQL code, and gain unauthorized access to read, modify, or delete data.

🗓️ 11 Jul 2023 00:00:00Reported by FSTEC of Russia — Information Security Threat DatabaseType 
bdu_fstec
 bdu_fstec
🔗 bdu.fstec.ru👁 6 Views

MOVEit Transfer SQL query flaw lets remote attackers bypass limits and read, modify, delete data.

Related
Detection
Refs
ReporterTitlePublishedViews
Family
ATTACKERKB
CVE-2023-36932
5 Jul 202316:15
attackerkb
Circl
CVE-2023-36932
5 Jul 202320:22
circl
CISA
Progress Software Releases Service Pack for MOVEit Transfer Vulnerabilities
7 Jul 202312:00
cisa
CNNVD
Progress Software MOVEit Transfer SQL注入漏洞
5 Jul 202300:00
cnnvd
CVE
CVE-2023-36932
5 Jul 202300:00
cve
Cvelist
CVE-2023-36932
5 Jul 202300:00
cvelist
Malwarebytes
MOVEit Transfer fixes three new vulnerabilities
10 Jul 202304:00
malwarebytes
NCSC
Vulnerabilities fixed in Progress MOVEit Transfer
6 Jul 202300:00
ncsc
NVD
CVE-2023-36932
5 Jul 202316:15
nvd
OSV
CVE-2023-36932
5 Jul 202316:15
osv
Rows per page
Vulners
Node
OROROROROR

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

11 Jul 2023 00:00Current
8.3High risk
Vulners AI Score8.3
CVSS 38.6
CVSS 29
EPSS0.81531
6