Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
MOVEit Transfer Logging Bypass Vulnerability
Vulnerability Description
In Progress MOVEit Transfer versions released before 2022.0.11 (14.0.11), 2022.1.12 (14.1.12), 2023.0.9 (15.0.9), 2023.1.4 (15.1.4), a logging bypass vulnerability has been discovered. An authenticated user could manipulate a request to bypass the logging mechanism within the web application which results in user activity not being logged properly.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Vulnerability Type
不充分的日志记录
Vulnerability Title
Progress MOVEit Transfer 安全漏洞
Vulnerability Description
Progress MOVEit Transfer是Progress公司的一款安全的托管文件传输应用程序。 Progress MOVEit Transfer存在安全漏洞,该漏洞源于存在日志绕过漏洞。攻击者可利用该漏洞绕过web应用程序中的日志记录机制,导致用户活动无法正确记录。受影响的产品和版本:Progress MOVEit Transfer 2022.0.11(14.0.11)之前版本,2022.1.12(14.1.12)之前版本,2023.0.9(15.0.9)之前版本,2023.1.4(15.1.4
CVSS Information
N/A
Vulnerability Type
N/A