CVE-2023-36933

In Progress MOVEit Transfer before 2021.0.9 (13.0.9), 2021.1.7 (13.1.7), 2022.0.7 (14.0.7), 2022.1.8 (14.1.8), and 2023.0.4 (15.0.4), it is possible for an attacker to invoke a method that results in an unhandled exception. Triggering this workflow can cause the MOVEit Transfer application to terminate unexpectedly.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:progress:moveit_transfer:*:*:*:*:*:*:*:*
cpe:2.3:a:progress:moveit_transfer:*:*:*:*:*:*:*:*
cpe:2.3:a:progress:moveit_transfer:*:*:*:*:*:*:*:*
cpe:2.3:a:progress:moveit_transfer:*:*:*:*:*:*:*:*
cpe:2.3:a:progress:moveit_transfer:*:*:*:*:*:*:*:*
cpe:2.3:a:progress:moveit_transfer:*:*:*:*:*:*:*:*

History

21 Nov 2024, 08:10

Type Values Removed Values Added
References () https://community.progress.com/s/article/MOVEit-Transfer-2020-1-Service-Pack-July-2023 - Release Notes, Vendor Advisory () https://community.progress.com/s/article/MOVEit-Transfer-2020-1-Service-Pack-July-2023 - Release Notes, Vendor Advisory
References () https://www.progress.com/moveit - Product () https://www.progress.com/moveit - Product

12 Jul 2023, 15:54

Type Values Removed Values Added
References (CONFIRM) https://community.progress.com/s/article/MOVEit-Transfer-2020-1-Service-Pack-July-2023 - (CONFIRM) https://community.progress.com/s/article/MOVEit-Transfer-2020-1-Service-Pack-July-2023 - Release Notes, Vendor Advisory
References (MISC) https://www.progress.com/moveit - (MISC) https://www.progress.com/moveit - Product
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 7.5
CPE cpe:2.3:a:progress:moveit_transfer:*:*:*:*:*:*:*:*
CWE CWE-755

05 Jul 2023, 16:25

Type Values Removed Values Added
New CVE

Information

Published : 2023-07-05 16:15

Updated : 2024-11-21 08:10


NVD link : CVE-2023-36933

Mitre link : CVE-2023-36933

CVE.ORG link : CVE-2023-36933


JSON object : View

Products Affected

progress

  • moveit_transfer
CWE
CWE-755

Improper Handling of Exceptional Conditions