CVE-2024-2291 MOVEit Transfer Logging Bypass Vulnerability

🗓️ 20 Mar 2024 14:46:59Reported by ProgressSoftwareType

CVE-2024-2291 MOVEit Transfer Logging Bypass Vulnerabilit

Reporter	Title	Published	Views	Family All 7
CNNVD	Progress MOVEit Transfer Security Vulnerability	20 Mar 202400:00	–	cnnvd
CVE	CVE-2024-2291	20 Mar 202414:46	–	cve
EUVD	EUVD-2024-27246	3 Oct 202520:07	–	euvd
NVD	CVE-2024-2291	20 Mar 202415:15	–	nvd
Positive Technologies	PT-2024-19605 · Ipswitch · Moveit Transfer	20 Mar 202400:00	–	ptsecurity
RedhatCVE	CVE-2024-2291	7 Jan 202609:13	–	redhatcve
Vulnrichment	CVE-2024-2291 MOVEit Transfer Logging Bypass Vulnerability	20 Mar 202414:46	–	vulnrichment

[
  {
    "defaultStatus": "affected",
    "product": "MOVEit Transfer",
    "vendor": "Progress Software",
    "versions": [
      {
        "lessThan": "2022.0.11 (14.0.11)",
        "status": "affected",
        "version": "2022.0.0 (14.0.0)",
        "versionType": "semver"
      },
      {
        "lessThan": "2022.1.12 (14.1.12)",
        "status": "affected",
        "version": "2022.1.0 (14.1.0)",
        "versionType": "semver"
      },
      {
        "lessThan": "2023.0.9 (15.0.9)",
        "status": "affected",
        "version": "2023.0.0 (15.0.0)",
        "versionType": "semver"
      },
      {
        "lessThan": "2023.1.4 (15.1.4)",
        "status": "affected",
        "version": "2023.1.0 (15.1.0)",
        "versionType": "semver"
      }
    ]
  }
]

Source	Link
community	www.community.progress.com/s/article/MOVEit-Transfer-Service-Pack-March-2024
progress	www.progress.com/moveit

20 Mar 2024 14:46Current

4.8Medium risk

Vulners AI Score4.8

CVSS 3.14.3

EPSS0.00089

CWE-778