Vulnerability Details CVE-2025-13147
Server-Side Request Forgery (SSRF) vulnerability in Progress MOVEit Transfer.This issue affects MOVEit Transfer: before 2024.1.8, from 2025.0.0 before 2025.0.4.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 0.2%
CVSS Severity
CVSS v3 Score 5.3
References
- https://docs.progress.com/bundle/moveit-transfer-release-notes-2024/page/Fixed-Issues-in-2024.1.8.html
- https://docs.progress.com/bundle/moveit-transfer-release-notes-2025/page/Fixed-Issues-in-2025.0.4.html
- https://docs.progress.com/bundle/moveit-transfer-release-notes-2025_1/page/Fixed-Issues-in-2025.1.html
Products affected by CVE-2025-13147
-
cpe:2.3:a:progress:moveit_transfer:-
-
cpe:2.3:a:progress:moveit_transfer:2019.0.6
-
cpe:2.3:a:progress:moveit_transfer:2019.0.7
-
cpe:2.3:a:progress:moveit_transfer:2019.1
-
cpe:2.3:a:progress:moveit_transfer:2019.1.3
-
cpe:2.3:a:progress:moveit_transfer:2019.1.4
-
cpe:2.3:a:progress:moveit_transfer:2019.1.5
-
cpe:2.3:a:progress:moveit_transfer:2019.1.6
-
cpe:2.3:a:progress:moveit_transfer:2019.2
-
cpe:2.3:a:progress:moveit_transfer:2019.2.1
-
cpe:2.3:a:progress:moveit_transfer:2019.2.2
-
cpe:2.3:a:progress:moveit_transfer:2019.2.3
-
cpe:2.3:a:progress:moveit_transfer:2020.0
-
cpe:2.3:a:progress:moveit_transfer:2020.0.5
-
cpe:2.3:a:progress:moveit_transfer:2020.0.6
-
cpe:2.3:a:progress:moveit_transfer:2020.1
-
cpe:2.3:a:progress:moveit_transfer:2020.1.1
-
cpe:2.3:a:progress:moveit_transfer:2020.1.10
-
cpe:2.3:a:progress:moveit_transfer:2020.1.11
-
cpe:2.3:a:progress:moveit_transfer:2020.1.4
-
cpe:2.3:a:progress:moveit_transfer:2020.1.5
-
cpe:2.3:a:progress:moveit_transfer:2020.1.6
-
cpe:2.3:a:progress:moveit_transfer:2021.0
-
cpe:2.3:a:progress:moveit_transfer:2021.0.1
-
cpe:2.3:a:progress:moveit_transfer:2021.0.3
-
cpe:2.3:a:progress:moveit_transfer:2021.0.6
-
cpe:2.3:a:progress:moveit_transfer:2021.0.7
-
cpe:2.3:a:progress:moveit_transfer:2021.0.8
-
cpe:2.3:a:progress:moveit_transfer:2021.0.9
-
cpe:2.3:a:progress:moveit_transfer:2021.1.0
-
cpe:2.3:a:progress:moveit_transfer:2021.1.4
-
cpe:2.3:a:progress:moveit_transfer:2021.1.5
-
cpe:2.3:a:progress:moveit_transfer:2021.1.6
-
cpe:2.3:a:progress:moveit_transfer:2021.1.7
-
cpe:2.3:a:progress:moveit_transfer:2021.1.8
-
cpe:2.3:a:progress:moveit_transfer:2022.0.0
-
cpe:2.3:a:progress:moveit_transfer:2022.0.10
-
cpe:2.3:a:progress:moveit_transfer:2022.0.4
-
cpe:2.3:a:progress:moveit_transfer:2022.0.5
-
cpe:2.3:a:progress:moveit_transfer:2022.0.6
-
cpe:2.3:a:progress:moveit_transfer:2022.0.7
-
cpe:2.3:a:progress:moveit_transfer:2022.0.8
-
cpe:2.3:a:progress:moveit_transfer:2022.0.9
-
cpe:2.3:a:progress:moveit_transfer:2022.1.0
-
cpe:2.3:a:progress:moveit_transfer:2022.1.10
-
cpe:2.3:a:progress:moveit_transfer:2022.1.11
-
cpe:2.3:a:progress:moveit_transfer:2022.1.5
-
cpe:2.3:a:progress:moveit_transfer:2022.1.6
-
cpe:2.3:a:progress:moveit_transfer:2022.1.7
-
cpe:2.3:a:progress:moveit_transfer:2022.1.8
-
cpe:2.3:a:progress:moveit_transfer:2022.1.9
-
cpe:2.3:a:progress:moveit_transfer:2023.0.0
-
cpe:2.3:a:progress:moveit_transfer:2023.0.1
-
cpe:2.3:a:progress:moveit_transfer:2023.0.10
-
cpe:2.3:a:progress:moveit_transfer:2023.0.11
-
cpe:2.3:a:progress:moveit_transfer:2023.0.12
-
cpe:2.3:a:progress:moveit_transfer:2023.0.13
-
cpe:2.3:a:progress:moveit_transfer:2023.0.14
-
cpe:2.3:a:progress:moveit_transfer:2023.0.15
-
cpe:2.3:a:progress:moveit_transfer:2023.0.2
-
cpe:2.3:a:progress:moveit_transfer:2023.0.3
-
cpe:2.3:a:progress:moveit_transfer:2023.0.4
-
cpe:2.3:a:progress:moveit_transfer:2023.0.6
-
cpe:2.3:a:progress:moveit_transfer:2023.0.7
-
cpe:2.3:a:progress:moveit_transfer:2023.0.8
-
cpe:2.3:a:progress:moveit_transfer:2023.0.9
-
cpe:2.3:a:progress:moveit_transfer:2023.1.0
-
cpe:2.3:a:progress:moveit_transfer:2023.1.1
-
cpe:2.3:a:progress:moveit_transfer:2023.1.10
-
cpe:2.3:a:progress:moveit_transfer:2023.1.12
-
cpe:2.3:a:progress:moveit_transfer:2023.1.2
-
cpe:2.3:a:progress:moveit_transfer:2023.1.3
-
cpe:2.3:a:progress:moveit_transfer:2023.1.4
-
cpe:2.3:a:progress:moveit_transfer:2023.1.5
-
cpe:2.3:a:progress:moveit_transfer:2023.1.6
-
cpe:2.3:a:progress:moveit_transfer:2023.1.7
-
cpe:2.3:a:progress:moveit_transfer:2023.1.8
-
cpe:2.3:a:progress:moveit_transfer:2023.1.9
-
cpe:2.3:a:progress:moveit_transfer:2024.0.0
-
cpe:2.3:a:progress:moveit_transfer:2024.0.2
-
cpe:2.3:a:progress:moveit_transfer:2024.0.3
-
cpe:2.3:a:progress:moveit_transfer:2024.0.4
-
cpe:2.3:a:progress:moveit_transfer:2024.0.5
-
cpe:2.3:a:progress:moveit_transfer:2024.0.6
-
cpe:2.3:a:progress:moveit_transfer:2024.0.8
-
cpe:2.3:a:progress:moveit_transfer:2024.1.0
-
cpe:2.3:a:progress:moveit_transfer:2024.1.1
-
cpe:2.3:a:progress:moveit_transfer:2024.1.2
-
cpe:2.3:a:progress:moveit_transfer:2024.1.3
-
cpe:2.3:a:progress:moveit_transfer:2024.1.4
-
cpe:2.3:a:progress:moveit_transfer:2024.1.5
-
cpe:2.3:a:progress:moveit_transfer:2024.1.6
-
cpe:2.3:a:progress:moveit_transfer:2024.1.7
-
cpe:2.3:a:progress:moveit_transfer:2025.0.0
-
cpe:2.3:a:progress:moveit_transfer:2025.0.1
-
cpe:2.3:a:progress:moveit_transfer:2025.0.2
-
cpe:2.3:a:progress:moveit_transfer:2025.0.3