Detections
Analytics

Progress MOVEit Transfer 2023.0.x < 2023.0.11 / 2023.1.x < 2023.1.6 / 2024.0.x < 2024.0.2 Authentication Bypass (June 2024)

critical Nessus Plugin ID 201018

Language:

Version 1.5

Jan 23, 2025, 9:26 AM

  • CVSS metrics ("CVSSv2 score" set to 10.0)
  • CVSS metrics ("CVSSv2 vector" set to "CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C")
  • CVSS metrics ("CVSSv3 score" set to 9.8)
  • CVSS metrics ("CVSSv3 vector" set to "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H")

Plugin Feed: 202501230926

Version 1.4

Aug 2, 2024, 12:20 PM

  • IAVM reference

Plugin Feed: 202408021220

Version 1.3

Jun 28, 2024, 12:43 PM

  • IAVM reference
  • STIG Severity

Plugin Feed: 202406281243

Version 1.2

Jun 27, 2024, 7:10 AM

  • CVSS metrics ("CVSSv3 score" set to 9.1)
  • CVSS metrics ("CVSSv3 vector" set to "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N")
  • CVSS temporal metrics ("CVSSv2 temporal vector" set to "CVSS2#E:POC/RL:OF/RC:C")
  • CVSS temporal metrics ("CVSSv3 temporal vector" set to "CVSS:3.0/E:P/RL:O/RC:C")
  • Exploit attributes ("Exploit available" set to "True")
  • Exploit attributes ("Exploitability ease" set to "Exploits are available")

Plugin Feed: 202406270710

Version 1.1

Jun 26, 2024, 9:01 AM

  • New

Plugin Feed: 202406260901

* Changelogs are generally available for changes made after Nov 1, 2022