Known Vulnerabilities for Moveit Transfer by Progress
Listed below are 7 of the newest known vulnerabilities associated with the software "Moveit Transfer" by "Progress".
These CVEs are retrieved based on exact matches on listed software and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
CVE | Shortened Description | Severity | Publish Date | Last Modified |
---|---|---|---|---|
CVE-2021-38159 | In certain Progress MOVEit Transfer versions before 2021.0.4 (aka 13.0.4), SQL injection in the MOVEit Transfer web applicati... | 9.8 - CRITICAL | 2021-08-07 | 2021-08-14 |
CVE-2021-37614 | In certain Progress MOVEit Transfer versions before 2021.0.3 (aka 13.0.3), SQL injection in the MOVEit Transfer web applicati... | 8.8 - HIGH | 2021-08-05 | 2021-08-17 |
CVE-2021-33894 | In Progress MOVEit Transfer before 2019.0.6 (11.0.6), 2019.1.x before 2019.1.5 (11.1.5), 2019.2.x before 2019.2.2 (11.2.2), 2... | 8.8 - HIGH | 2021-06-09 | 2021-06-22 |
CVE-2021-31827 | In Progress MOVEit Transfer before 2021.0 (13.0), a SQL injection vulnerability has been found in the MOVEit Transfer web app... | 8.8 - HIGH | 2021-05-18 | 2021-05-25 |
CVE-2020-28647 | In Progress MOVEit Transfer before 2020.1, a malicious user could craft and store a payload within the application. If a vict... | 5.4 - MEDIUM | 2020-11-17 | 2020-12-18 |
CVE-2020-8612 | In Progress MOVEit Transfer 2019.1 before 2019.1.4 and 2019.2 before 2019.2.1, a REST API endpoint failed to adequately sanit... | 9 - CRITICAL | 2020-02-14 | 2020-02-20 |
CVE-2020-8611 | In Progress MOVEit Transfer 2019.1 before 2019.1.4 and 2019.2 before 2019.2.1, multiple SQL Injection vulnerabilities have be... | 8.8 - HIGH | 2020-02-14 | 2020-02-19 |
Known Affected Configurations (CPE V2.3)
Type | Vendor | Product | Version | Update | Edition | Language |
---|---|---|---|---|---|---|
Application | Progress | Moveit Transfer | 2020.1.1 | All | All | All |
Application | Progress | Moveit Transfer | 2020.1 | All | All | All |
Application | Progress | Moveit Transfer | 2019.2.1 | All | All | All |
Application | Progress | Moveit Transfer | 2019.2 | All | All | All |
Application | Progress | Moveit Transfer | 2019.1.4 | All | All | All |
Application | Progress | Moveit Transfer | 2019.1.3 | All | All | All |
Application | Progress | Moveit Transfer | 2019.1 | All | All | All |
Application | Progress | Moveit Transfer | - | All | All | All |
Popular searches for Moveit Transfer

MOVEit Secure Managed File Transfer Software | Progress

Eit Secure Managed File Transfer Software | Progress Eit is automated and secure managed file transfers software for sensitive data and advanced workflow automation capabilities without the need for scripting.
www.progress.com/managed-file-transfer MOVEit Software Workflow Automation Managed file transfer Information sensitivity Scripting language Regulatory compliance File Transfer Protocol File transfer Computer security Health Insurance Portability and Accountability Act SSH File Transfer Protocol Encryption Ipswitch, Inc. Trademark User (computing) Capability-based security Business process TelerikProgress MOVEit Transfer < 2020.1 Stored XSS (CVE-2020-28647)

A =Progress MOVEit Transfer < 2020.1 Stored XSS CVE-2020-2 7 Y WDuring a recent web application test engagement one of the applications in scope was a MOVEit Transfer While performing the assessment a Stored Cross-Site Scripting XSS vulnerability was identified. This blog post will go though the discovery and exploitation of such vulnerability to gain administrative access to the web application. While testing for input validation in a number of different input fields found across the application, one particular input field seemed to provide unexpected output when certain payloads were provided.
Cross-site scripting Web application MOVEit Computer file Application software JavaScript Common Vulnerabilities and Exposures Payload (computing) Form (HTML) Filename Download Upload Button (computing) World Wide Web Data validation Vulnerability (computing) Software testing Subroutine Input/output Source code