Lucene search
+L

400 matches found

osv
osv
added 2025/03/19 4:15 p.m.5 views

CVE-2025-2324

Improper Privilege Management vulnerability for users configured as Shared Accounts in Progress MOVEit Transfer SFTP module allows Privilege Escalation.This issue affects MOVEit Transfer: from 2023.1.0 before 2023.1.12, from 2024.0.0 before 2024.0.8, from 2024.1.0 before 2024.1.2...

8.8CVSS5.8AI score0.00229EPSS
Exploits0References1
cve
cve
added 2025/03/19 3:23 p.m.67 views

CVE-2025-2324

The CVE-2025-2324 entry concerns an Improper Privilege Management issue in MOVEit Transfer (SFTP module) where users configured as Shared Accounts can gain elevated permissions. Affected versions are MOVEit Transfer: 2023.1.0–2023.1.11, 2024.0.0–2024.0.7, and 2024.1.0–2024.1.1. Remediations are t...

8.8CVSS5.8AI score0.00229EPSS
Exploits0References1Affected Software1
cvelist
cvelist
added 2025/03/19 3:23 p.m.19 views

CVE-2025-2324 A MOVEit Transfer user configured as a Shared Account can gain unintended List permissions on a folder

Improper Privilege Management vulnerability for users configured as Shared Accounts in Progress MOVEit Transfer SFTP module allows Privilege Escalation.This issue affects MOVEit Transfer: from 2023.1.0 before 2023.1.12, from 2024.0.0 before 2024.0.8, from 2024.1.0 before 2024.1.2...

5.9CVSS0.00229EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2025/03/19 3:23 p.m.10 views

CVE-2025-2324 A MOVEit Transfer user configured as a Shared Account can gain unintended List permissions on a folder

Improper Privilege Management vulnerability for users configured as Shared Accounts in Progress MOVEit Transfer SFTP module allows Privilege Escalation.This issue affects MOVEit Transfer: from 2023.1.0 before 2023.1.12, from 2024.0.0 before 2024.0.8, from 2024.1.0 before 2024.1.2...

5.9CVSS5.9AI score0.00229EPSS
Exploits0References1
ptsecurity
ptsecurity
added 2025/03/19 12:0 a.m.6 views

PT-2025-11688 · Ipswitch · Moveit Transfer

Name of the Vulnerable Software and Affected Versions: MOVEit Transfer versions 2023.1.0 through 2023.1.11 MOVEit Transfer versions 2024.0.0 through 2024.0.7 MOVEit Transfer versions 2024.1.0 through 2024.1.1 Description: The issue is related to Improper Privilege Management for users configured ...

8.8CVSS6.4AI score0.00229EPSS
Exploits0References6
cnnvd
cnnvd
added 2025/03/19 12:0 a.m.5 views

Progress MOVEit Transfer 安全漏洞

Progress MOVEit Transfer is a secure hosted file transfer application from Progress. A security vulnerability exists in Progress MOVEit Transfer that stems from improper privilege management for users of shared accounts, which could result in elevated privileges...

8.8CVSS6.8AI score0.00229EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/02/05 6:35 a.m.21 views

CVE-2024-5806

Improper Authentication vulnerability in Progress MOVEit Transfer SFTP module can lead to Authentication Bypass.This issue affects MOVEit Transfer: from 2023.0.0 before 2023.0.11, from 2023.1.0 before 2023.1.6, from 2024.0.0 before 2024.0.2...

9.8CVSS6.8AI score0.75812EPSS
Exploits3References1
redhatcve
redhatcve
added 2025/02/05 2:50 a.m.8 views

CVE-2024-6576

Improper Authentication vulnerability in Progress MOVEit Transfer SFTP module can lead to Privilege Escalation.This issue affects MOVEit Transfer: from 2023.0.0 before 2023.0.12, from 2023.1.0 before 2023.1.7, from 2024.0.0 before 2024.0.3...

9.8CVSS7AI score0.00618EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/02/04 11:2 p.m.16 views

CVE-2024-0396

In Progress MOVEit Transfer versions released before 2022.0.10 14.0.10, 2022.1.11 14.1.11, 2023.0.8 15.0.8, 2023.1.3 15.1.3, an input validation issue was discovered. An authenticated user can manipulate a parameter in an HTTPS transaction. The modified transaction could lead to computational...

7.1CVSS6.6AI score0.00539EPSS
Exploits0References1
avleonov
avleonov
added 2025/01/20 3:2 p.m.34 views

I have finalized the list of trending vulnerabilities for 2024 according to Positive Technologies

I have finalized the list of trending vulnerabilities for 2024 according to Positive Technologies. Last year, 74 vulnerabilities were classified as trending to compare the scale, just over 40,000 were added to NVD in 2024. All trending vulnerabilities are found in Western commercial products and...

9.8CVSS9AI score0.99999EPSS
Exploits82
packetstorm
packetstorm
added 2024/08/31 12:0 a.m.285 views

Progress MOVEit SFTP Authentication Bypass for Arbitrary File Read

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'net/ssh/transport/session' require 'net/sftp' require 'openssl' class MetasploitModule 'Progress MOVEit SFTP Authentication Bypass for Arbitrary File Read',...

9.8CVSS7.1AI score0.75812EPSS
Exploits3
bdu_fstec
bdu_fstec
added 2024/08/01 12:0 a.m.8 views

The vulnerability of the SFTP software module for processing and transmitting confidential data in Progress MOVEit Transfer allows a perpetrator to bypass authentication processes and gain increased privileges.

The vulnerability of the SFTP software module for processing and transmitting confidential data in Progress MOVEit Transfer is related to deficiencies in the authentication process. Exploiting this vulnerability can allow attackers to bypass the authentication process and gain increased privilege...

8.5CVSS5.5AI score0.00618EPSS
Exploits0References3Affected Software1
ncsc
ncsc
added 2024/07/30 8:45 a.m.5 views

Vulnerability fixed in Progress MOVEit Transfer

Progress has fixed a vulnerability in MOVEit Transfer SFTP A malicious party can exploit the vulnerability to grant themselves elevated privileges, potentially gaining access to files that the malicious party is not initially authorized to access. Progress has released updates to fix the...

9.8CVSS6.9AI score0.00618EPSS
Exploits0References1
nvd
nvd
added 2024/07/29 2:15 p.m.53 views

CVE-2024-6576

Improper Authentication vulnerability in Progress MOVEit Transfer SFTP module can lead to Privilege Escalation.This issue affects MOVEit Transfer: from 2023.0.0 before 2023.0.12, from 2023.1.0 before 2023.1.7, from 2024.0.0 before 2024.0.3...

9.8CVSS0.00618EPSS
Exploits0References2
osv
osv
added 2024/07/29 2:15 p.m.8 views

CVE-2024-6576

Improper Authentication vulnerability in Progress MOVEit Transfer SFTP module can lead to Privilege Escalation.This issue affects MOVEit Transfer: from 2023.0.0 before 2023.0.12, from 2023.1.0 before 2023.1.7, from 2024.0.0 before 2024.0.3...

9.8CVSS5.8AI score0.00618EPSS
Exploits0References2
cvelist
cvelist
added 2024/07/29 1:46 p.m.57 views

CVE-2024-6576 MOVEit Transfer Privilege Escalation Vulnerability

Improper Authentication vulnerability in Progress MOVEit Transfer SFTP module can lead to Privilege Escalation.This issue affects MOVEit Transfer: from 2023.0.0 before 2023.0.12, from 2023.1.0 before 2023.1.7, from 2024.0.0 before 2024.0.3...

7.3CVSS0.00618EPSS
Exploits0References2
vulnrichment
vulnrichment
added 2024/07/29 1:46 p.m.20 views

CVE-2024-6576 MOVEit Transfer Privilege Escalation Vulnerability

Improper Authentication vulnerability in Progress MOVEit Transfer SFTP module can lead to Privilege Escalation.This issue affects MOVEit Transfer: from 2023.0.0 before 2023.0.12, from 2023.1.0 before 2023.1.7, from 2024.0.0 before 2024.0.3...

7.3CVSS7.2AI score0.00618EPSS
Exploits0References2
cve
cve
added 2024/07/29 1:46 p.m.75 views

CVE-2024-6576

CVE-2024-6576 - Progress MOVEit Transfer (SFTP module) : Affected MOVEit Transfer versions include 2023.0.0–2023.0.11, 2023.1.0–2023.1.6, and 2024.0.0–2024.0.2, with a root cause described as an improper authentication vulnerability that can lead to privilege escalation. Remediation per sources: ...

9.8CVSS7.2AI score0.00618EPSS
Exploits0References2Affected Software1
ptsecurity
ptsecurity
added 2024/07/29 12:0 a.m.15 views

PT-2024-5295 · Progress · Progress Moveit Transfer

Name of the Vulnerable Software and Affected Versions: Progress MOVEit Transfer versions 2023.0.0 through 2023.0.11 Progress MOVEit Transfer versions 2023.1.0 through 2023.1.6 Progress MOVEit Transfer versions 2024.0.0 through 2024.0.2 Description: The issue is related to improper authentication ...

9.8CVSS7.6AI score0.00618EPSS
Exploits0References9
cnnvd
cnnvd
added 2024/07/29 12:0 a.m.4 views

Progress Software MOVEit Transfer 安全漏洞

Progress Software MOVEit Transfer is a suite of automated file transfer software from Progress Software, USA. The software supports file transfer and provides file transfer activity monitoring. A security vulnerability exists in Progress Software MOVEit Transfer that stems from the presence of an...

9.8CVSS6.7AI score0.00618EPSS
Exploits0References3
Rows per page
Query Builder