CVE-2023-35708

🗓️ 17 Jun 2023 09:42:58Reported by CirclType

circl

circl🔗 cve.circl.lu👁 8 Views

CVE-2023-35708 has been exploited, with timestamps indicating active attacks on November 12 and 13.

Reporter	Title	Published	Views	Family All 20
BDU FSTEC	The vulnerability of the software for processing and transmitting confidential data in Progress MOVEit Transfer arises from the lack of protective measures for SQL query structures, allowing attackers to gain unauthorized access to protected information.	22 Jun 202300:00	–	bdu_fstec
CISA	Progress Software Releases Security Advisory for MOVEit Transfer Vulnerability	15 Jun 202312:00	–	cisa
CNNVD	Progress Software MOVEit Transfer SQL注入漏洞	16 Jun 202300:00	–	cnnvd
CVE	CVE-2023-35708	16 Jun 202300:00	–	cve
Cvelist	CVE-2023-35708	16 Jun 202300:00	–	cvelist
Malwarebytes	MOVEit discloses THIRD critical vulnerability	16 Jun 202316:30	–	malwarebytes
Nuclei	MOVEit Transfer - SQL Injection	7 Jun 202603:02	–	nuclei
NVD	CVE-2023-35708	16 Jun 202304:15	–	nvd
Prion	Sql injection	16 Jun 202304:15	–	prion
Tenable Nessus	Progress MOVEit Transfer < 2020.1.10 / 2021.0.x < 2021.0.8 / 2021.1.x < 2021.1.6 / 2022.0.x < 2022.0.6 / 2022.1.x < 2022.1.7 / 2023.0.x < 2023.0.3 Privilege Escalation	16 Jun 202300:00	–	nessus

Source	Link
bsky	www.bsky.app/profile/beikokucyber.bsky.social/post/3me5bzf7xr724
t	www.t.me/CyberSecurityIL/24237
t	www.t.me/JerusalemElectronicArmy/401
t	www.t.me/ctinow/118895
t	www.t.me/information_security_channel/50117
t	www.t.me/itsec_news/2919
t	www.t.me/kasperskyb2b/704
vulnerability	www.vulnerability.circl.lu/bundle/1dca9c72-3904-4b4f-b553-ba8d0b505998

17 Jun 2023 09:42Current

9High risk

Vulners AI Score9

CVSS 3.19.8

EPSS0.81216

SSVC

cve-2023-35708 exploited november attacks