Exploit Attempts Recorded Against New MOVEit Transfer Vulnerability - Patch ASAP!

A newly disclosed critical security flaw impacting Progress Software MOVEit Transfer is already seeing exploitation attempts in the wild shortly after details of the bug were publicly disclosed. The vulnerability, tracked as CVE-2024-5806 CVSS score: 9.1, concerns an authentication bypass that...

Vulnerabilities fixed in Progress MOVEit

Progress has fixed vulnerabilities in MOVEit Transfer and MOVEit Gateway. During the vulnerability investigation, a vulnerability was also discovered in an unnamed Third-Party component in use by MOVEit Transfer. The vulnerabilities are located in the SFTP module of the affected applications and...

Progress MOVEit Transfer 2023.0.x < 2023.0.11 / 2023.1.x < 2023.1.6 / 2024.0.x < 2024.0.2 Authentication Bypass (June 2024)

The version of Progress MOVEit Transfer, formerly Ipswitch MOVEit DMZ, installed on the remote host is affected by an authentication bypass vulnerability as referenced in Progress Community article 000259290. - Improper Authentication vulnerability in Progress MOVEit Transfer SFTP module can lead...

Authentication Bypasses in MOVEit Transfer and MOVEit Gateway

On June 25, 2024, Progress Software published information on two new vulnerabilities in MOVEit Transfer and MOVEit Gateway: CVE-2024-5806, a critical authentication bypass affecting the MOVEit Transfer SFTP service in a default configuration; and CVE-2024-5805, a critical SFTP-associated...

CVE-2024-5805

Improper Authentication vulnerability in Progress MOVEit Gateway SFTP modules allows Authentication Bypass.This issue affects MOVEit Gateway: 2024.0.0...

CVE-2024-5806

Improper Authentication vulnerability in Progress MOVEit Transfer SFTP module can lead to Authentication Bypass.This issue affects MOVEit Transfer: from 2023.0.0 before 2023.0.11, from 2023.1.0 before 2023.1.6, from 2024.0.0 before 2024.0.2...

CVE-2024-5805

Improper Authentication vulnerability in Progress MOVEit Gateway SFTP modules allows Authentication Bypass.This issue affects MOVEit Gateway: 2024.0.0...

CVE-2024-5806

Improper Authentication vulnerability in Progress MOVEit Transfer SFTP module can lead to Authentication Bypass.This issue affects MOVEit Transfer: from 2023.0.0 before 2023.0.11, from 2023.1.0 before 2023.1.6, from 2024.0.0 before 2024.0.2...

CVE-2024-5806 MOVEit Transfer Authentication Bypass Vulnerability

Improper Authentication vulnerability in Progress MOVEit Transfer SFTP module can lead to Authentication Bypass.This issue affects MOVEit Transfer: from 2023.0.0 before 2023.0.11, from 2023.1.0 before 2023.1.6, from 2024.0.0 before 2024.0.2...

CVE-2024-5806 MOVEit Transfer Authentication Bypass Vulnerability

Improper Authentication vulnerability in Progress MOVEit Transfer SFTP module can lead to Authentication Bypass.This issue affects MOVEit Transfer: from 2023.0.0 before 2023.0.11, from 2023.1.0 before 2023.1.6, from 2024.0.0 before 2024.0.2...

CVE-2024-5806

CVE-2024-5806 affects the MOVEit Transfer SFTP module. The issue is an Improper Authentication vulnerability that can lead to an Authentication Bypass . Affected versions include MOVEit Transfer 2023.0.x prior to 2023.0.11, 2023.1.x prior to 2023.1.6, and 2024.0.x prior to 2024.0.2. Root cause is...

CVE-2024-5805 MOVEit Gateway Authentication Bypass Vulnerability

Improper Authentication vulnerability in Progress MOVEit Gateway SFTP modules allows Authentication Bypass.This issue affects MOVEit Gateway: 2024.0.0...

CVE-2024-5805

CVE-2024-5805 is an improper authentication vulnerability in Progress MOVEit Gateway (SFTP module) that allows authentication bypass affecting MOVEit Gateway 2024.0.0. A fix exists in MOVEit Gateway 2024.0.1; 2024.0.0 remains vulnerable. Vendor advisories and national/corporate feeds confirm patc...

CVE-2024-5805 MOVEit Gateway Authentication Bypass Vulnerability

Improper Authentication vulnerability in Progress MOVEit Gateway SFTP modules allows Authentication Bypass.This issue affects MOVEit Gateway: 2024.0.0...

Progress Software MOVEit Transfer Security Vulnerability

Progress Software MOVEit Transfer is a suite of automated file transfer software from Progress Software, USA. The software supports file transfer and provides file transfer activity monitoring. A security vulnerability exists in Progress Software MOVEit Transfer that stems from an incorrect...

Progress Software MOVEit Security Vulnerability

Progress Software MOVEit is a secure hosted file transfer software from Progress Software, USA. A security vulnerability exists in Progress Software MOVEit Gateway version 2024.0.0 that stems from the presence of an incorrect authentication vulnerability that allows bypassing authentication...

PT-2024-4321

Name of the Vulnerable Software and Affected Versions MOVEit Transfer versions 2023.0.0 through 2023.0.10 MOVEit Transfer versions 2023.1.0 through 2023.1.5 MOVEit Transfer versions 2024.0.0 through 2024.0.1 Description The issue is related to an Improper Authentication vulnerability in the SFTP...

PT-2024-37169 · Progress · Progress Moveit Gateway

Name of the Vulnerable Software and Affected Versions: Progress MOVEit Gateway version 2024.0.0 Description: The issue is related to an Improper Authentication vulnerability in the SFTP modules of Progress MOVEit Gateway, allowing Authentication Bypass. Recommendations: For Progress MOVEit Gatewa...

VulnCheck KEV: CVE-2024-5806

Improper Authentication vulnerability in Progress MOVEit Transfer SFTP module can lead to Authentication Bypass.This issue affects MOVEit Transfer: from 2023.0.0 before 2023.0.11, from 2023.1.0 before 2023.1.6, from 2024.0.0 before 2024.0.2.v...

Exploit for Improper Authentication in Progress Moveit_Transfer

CVE-2024-5806 Exploit for Progress MOVEit Transfer CVE-2024-5...