Vulnerability Details CVE-2024-2291
In Progress MOVEit Transfer versions released before 2022.0.11 (14.0.11), 2022.1.12 (14.1.12), 2023.0.9 (15.0.9), 2023.1.4 (15.1.4), a logging bypass vulnerability has been discovered. An authenticated user could manipulate a request to bypass the logging mechanism within the web application which results in user activity not being logged properly.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 21.8%
CVSS Severity
CVSS v3 Score 4.3
References
Products affected by CVE-2024-2291
-
cpe:2.3:a:progress:moveit_transfer:-
-
cpe:2.3:a:progress:moveit_transfer:2019.0.6
-
cpe:2.3:a:progress:moveit_transfer:2019.0.7
-
cpe:2.3:a:progress:moveit_transfer:2019.1
-
cpe:2.3:a:progress:moveit_transfer:2019.1.3
-
cpe:2.3:a:progress:moveit_transfer:2019.1.4
-
cpe:2.3:a:progress:moveit_transfer:2019.1.5
-
cpe:2.3:a:progress:moveit_transfer:2019.1.6
-
cpe:2.3:a:progress:moveit_transfer:2019.2
-
cpe:2.3:a:progress:moveit_transfer:2019.2.1
-
cpe:2.3:a:progress:moveit_transfer:2019.2.2
-
cpe:2.3:a:progress:moveit_transfer:2019.2.3
-
cpe:2.3:a:progress:moveit_transfer:2020.0
-
cpe:2.3:a:progress:moveit_transfer:2020.0.5
-
cpe:2.3:a:progress:moveit_transfer:2020.0.6
-
cpe:2.3:a:progress:moveit_transfer:2020.1
-
cpe:2.3:a:progress:moveit_transfer:2020.1.1
-
cpe:2.3:a:progress:moveit_transfer:2020.1.10
-
cpe:2.3:a:progress:moveit_transfer:2020.1.11
-
cpe:2.3:a:progress:moveit_transfer:2020.1.4
-
cpe:2.3:a:progress:moveit_transfer:2020.1.5
-
cpe:2.3:a:progress:moveit_transfer:2020.1.6
-
cpe:2.3:a:progress:moveit_transfer:2021.0
-
cpe:2.3:a:progress:moveit_transfer:2021.0.1
-
cpe:2.3:a:progress:moveit_transfer:2021.0.3
-
cpe:2.3:a:progress:moveit_transfer:2021.0.6
-
cpe:2.3:a:progress:moveit_transfer:2021.0.7
-
cpe:2.3:a:progress:moveit_transfer:2021.0.8
-
cpe:2.3:a:progress:moveit_transfer:2021.0.9
-
cpe:2.3:a:progress:moveit_transfer:2021.1.0
-
cpe:2.3:a:progress:moveit_transfer:2021.1.4
-
cpe:2.3:a:progress:moveit_transfer:2021.1.5
-
cpe:2.3:a:progress:moveit_transfer:2021.1.6
-
cpe:2.3:a:progress:moveit_transfer:2021.1.7
-
cpe:2.3:a:progress:moveit_transfer:2021.1.8
-
cpe:2.3:a:progress:moveit_transfer:2022.0.0
-
cpe:2.3:a:progress:moveit_transfer:2022.0.10
-
cpe:2.3:a:progress:moveit_transfer:2022.0.4
-
cpe:2.3:a:progress:moveit_transfer:2022.0.5
-
cpe:2.3:a:progress:moveit_transfer:2022.0.6
-
cpe:2.3:a:progress:moveit_transfer:2022.0.7
-
cpe:2.3:a:progress:moveit_transfer:2022.0.8
-
cpe:2.3:a:progress:moveit_transfer:2022.0.9
-
cpe:2.3:a:progress:moveit_transfer:2022.1.0
-
cpe:2.3:a:progress:moveit_transfer:2022.1.10
-
cpe:2.3:a:progress:moveit_transfer:2022.1.11
-
cpe:2.3:a:progress:moveit_transfer:2022.1.5
-
cpe:2.3:a:progress:moveit_transfer:2022.1.6
-
cpe:2.3:a:progress:moveit_transfer:2022.1.7
-
cpe:2.3:a:progress:moveit_transfer:2022.1.8
-
cpe:2.3:a:progress:moveit_transfer:2022.1.9
-
cpe:2.3:a:progress:moveit_transfer:2023.0.0
-
cpe:2.3:a:progress:moveit_transfer:2023.0.1
-
cpe:2.3:a:progress:moveit_transfer:2023.0.2
-
cpe:2.3:a:progress:moveit_transfer:2023.0.3
-
cpe:2.3:a:progress:moveit_transfer:2023.0.4
-
cpe:2.3:a:progress:moveit_transfer:2023.0.6
-
cpe:2.3:a:progress:moveit_transfer:2023.0.7
-
cpe:2.3:a:progress:moveit_transfer:2023.0.8
-
cpe:2.3:a:progress:moveit_transfer:2023.1.0
-
cpe:2.3:a:progress:moveit_transfer:2023.1.1
-
cpe:2.3:a:progress:moveit_transfer:2023.1.2
-
cpe:2.3:a:progress:moveit_transfer:2023.1.3