Lucene search
ProgressSoftwareCVELIST:CVE-2024-5806HistoryJun 25, 2024 - 3:04 p.m.
CVE-2024-5806 MOVEit Transfer Authentication Bypass Vulnerability
2024-06-2515:04:37
CWE-287
ProgressSoftware
www.cve.org
9
improper authentication
moveit transfer
cve-2024-5806
9.1 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
0.0004 Low
EPSS
Percentile
9.1%
Improper Authentication vulnerability in Progress MOVEit Transfer (SFTP module) can lead to Authentication Bypass.This issue affects MOVEit Transfer: from 2023.0.0 before 2023.0.11, from 2023.1.0 before 2023.1.6, from 2024.0.0 before 2024.0.2.
CNA Affected
[
{
"defaultStatus": "unaffected",
"modules": [
"SFTP"
],
"product": "MOVEit Transfer",
"vendor": "Progress",
"versions": [
{
"lessThan": "2023.0.11",
"status": "affected",
"version": "2023.0.0",
"versionType": "semver"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023.1.0",
"versionType": "semver"
},
{
"lessThan": "2024.0.2",
"status": "affected",
"version": "2024.0.0",
"versionType": "semver"
}
]
}
]Related
talosblog
talosblog
cve
cve
CVE-2024-5806
2024-06-25 15:15:15
nessus
nessus
nvd
nvd
CVE-2024-5806
2024-06-25 15:15:15
vulnrichment
vulnrichment
CVE-2024-5806 MOVEit Transfer Authentication Bypass Vulnerability
2024-06-25 15:04:37
githubexploit
githubexploit
Exploit for CVE-2024-5806
2024-06-24 16:28:35
rapid7blog
rapid7blog
Authentication Bypasses in MOVEit Transfer and MOVEit Gateway
2024-06-25 18:16:32
thn
thn
9.1 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
0.0004 Low
EPSS
Percentile
9.1%
Related for CVELIST:CVE-2024-5806