CVE-2024-0396

🗓️ 17 Jan 2024 15:56:41Reported by ProgressSoftwareType

CVE-2024-0396 input validation issue in MOVEit Transfer before 2022.0.10, 2022.1.11, 2023.0.8, 2023.1.3 leads to denial of service

Reporter	Title	Published	Views	Family All 11
CNNVD	Progress MOVEit Transfer Input Validation Error Vulnerability	17 Jan 202400:00	–	cnnvd
Cvelist	CVE-2024-0396 Missing Server-Side Input Validation in HTTP Parameter	17 Jan 202415:56	–	cvelist
EUVD	EUVD-2024-16192	3 Oct 202520:07	–	euvd
NCSC	Vulnerability fixed in Progress MOVEit Transfer	30 Jan 202400:00	–	ncsc
NVD	CVE-2024-0396	17 Jan 202416:15	–	nvd
OSV	CVE-2024-0396	17 Jan 202416:15	–	osv
Prion	Input validation	17 Jan 202416:15	–	prion
Tenable Nessus	Progress MOVEit Transfer < 2022.0.10 / 2022.1 < 2022.1.11 / 2023.0 < 2023.0.8 / 2023.1 < 2023.1.3 Multiple Vulnerabilities (January 2024)	18 Jan 202400:00	–	nessus
Positive Technologies	PT-2024-1119 · Ipswitch · Moveit Transfer	17 Jan 202400:00	–	ptsecurity
RedhatCVE	CVE-2024-0396	4 Feb 202523:02	–	redhatcve

NVD

Node

progress moveit_transferRange<2022.0.10

progress moveit_transferRange2022.1.0–2022.1.11

progress moveit_transferRange2023.0.1–2023.0.8

progress moveit_transferRange2023.1.0–2023.1.3

[
  {
    "defaultStatus": "affected",
    "product": "MOVEit Transfer",
    "vendor": "Progress Software Corporation",
    "versions": [
      {
        "lessThan": "2022.0.10 (14.0.10)",
        "status": "affected",
        "version": "2022.0.0 (14.0.0)",
        "versionType": "semver"
      },
      {
        "lessThan": "2022.1.11 (14.1.11)",
        "status": "affected",
        "version": "2022.1.0 (14.1.0)",
        "versionType": "semver"
      },
      {
        "lessThan": "2023.0.8 (15.0.8)",
        "status": "affected",
        "version": "2023.0.0 (15.0.0)",
        "versionType": "semver"
      },
      {
        "lessThan": "2023.1.3 (15.1.3)",
        "status": "affected",
        "version": "2023.1.0 (15.1.0)",
        "versionType": "semver"
      }
    ]
  }
]

Source	Link
progress	www.progress.com/moveit
community	www.community.progress.com/s/article/MOVEit-Transfer-Service-Pack-January-2024

21 Nov 2024 08:46Current

6.7Medium risk

Vulners AI Score6.7

CVSS 3.17.1

EPSS0.00161

SSVC

CWE-20