Unrated severityNVD Advisory· Published Mar 20, 2024· Updated Aug 1, 2024
MOVEit Transfer Logging Bypass Vulnerability
CVE-2024-2291
Description
In Progress MOVEit Transfer versions released before 2022.0.11 (14.0.11), 2022.1.12 (14.1.12), 2023.0.9 (15.0.9), 2023.1.4 (15.1.4), a logging bypass vulnerability has been discovered. An authenticated user could manipulate a request to bypass the logging mechanism within the web application which results in user activity not being logged properly.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: <2022.0.11, <2022.1.12, <2023.0.9, <2023.1.4
- Progress Software/MOVEit Transferv5Range: 2022.0.0 (14.0.0)
Patches
Vulnerability mechanics
References
2- community.progress.com/s/article/MOVEit-Transfer-Service-Pack-March-2024mitrevendor-advisory
- www.progress.com/moveitmitreproduct
News mentions
0No linked articles in our index yet.