ADVISORY!

TLP: CLEAR

Date: 27/06/2024

REF NO: CERT/2024/06/57

MOVEit Products Security Restriction Bypass Vulnerabilities

Severity Level: Medium

Components Affected

  • MOVEit Gateway 2024.0.0
  • MOVEit Transfer from 2023.0.0 before 2023.0.11
  • MOVEit Transfer from 2023.1.0 before 2023.1.6
  • MOVEit Transfer from 2024.0.0 before 2024.0.2

Overview

Multiple vulnerabilities were identified in MOVEit products. A remote attacker could exploit some of these vulnerabilities to bypass security restrictions on the targeted system.

Note:

A proof-of-concept exploit for CVE-2024-5806 exists on the internet. To exploit the vulnerability, an attacker must know a valid username on the vulnerable system. Hence, the risk level is rated as Medium.

Description

An improper authentication vulnerability in the SFTP module of Progress MOVEit Transfer can lead to authentication bypass. This issue affects MOVEit Transfer versions from 2023.0.0 before 2023.0.11, from 2023.1.0 before 2023.1.6, and from 2024.0.0 before 2024.0.2. Exploiting this vulnerability could allow attackers to gain unauthorized access, potentially compromising sensitive data and system integrity.

Impact

  • Security Restriction Bypass

Solution / Workarounds

Before installing the update, visit the vendor's website for details.

Apply fixes issued by the vendor:

  • Update to version MOVEit Gateway 2024.0.1
  • Update to version MOVEit Transfer 2023.0.11
  • Update to version MOVEit Transfer 2023.1.6
  • Update to version MOVEit Transfer 2024.0.2
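The affected ranges and fixed versions above are easy to misjudge by eye (and "2023.0.11" sorts before "2023.0.2" as a plain string), so the following is an added example, not part of the SLCERT advisory or of Progress's own tooling, that encodes the advisory's ranges and checks an inventory of installed versions against them. The product names, the `assess`/`report` helpers and the inventory lines are constructed for the example; it assumes versions are dotted numeric strings as printed in the advisory.

```python
# Added example (not from the advisory or the vendor): map installed
# MOVEit versions to the affected ranges published above and report
# which hosts still need the listed fix.

# product -> list of (first affected, first fixed); "before X" means X itself is fixed
AFFECTED = {
    "MOVEit Transfer": [
        ("2023.0.0", "2023.0.11"),
        ("2023.1.0", "2023.1.6"),
        ("2024.0.0", "2024.0.2"),
    ],
    "MOVEit Gateway": [
        ("2024.0.0", "2024.0.1"),
    ],
}


def parse_version(s):
    """Turn '2023.0.11' into (2023, 0, 11) so comparisons are numeric.

    A string comparison would rank '2023.0.9' above '2023.0.11' and
    wrongly clear a vulnerable host. Short forms such as '2023.1' are
    padded with zeros to at least three components.
    """
    parts = s.strip().split(".")
    if not parts or not all(p.isdigit() for p in parts):
        raise ValueError(f"unrecognised version string: {s!r}")
    parts += ["0"] * (3 - len(parts))
    return tuple(int(p) for p in parts)


def assess(product, installed):
    """Return (vulnerable, fixed_version) for one installed version.

    fixed_version is the version from the advisory to move to, or None
    when the installed version is outside every affected range.
    """
    ranges = AFFECTED.get(product)
    if ranges is None:
        raise KeyError(f"unknown product: {product!r}")
    v = parse_version(installed)
    for first_affected, first_fixed in ranges:
        if parse_version(first_affected) <= v < parse_version(first_fixed):
            return True, first_fixed
    return False, None


# Constructed sample inventory (hostnames and versions are made up).
INVENTORY = """host,product,version
sftp01,MOVEit Transfer,2023.0.9
sftp02,MOVEit Transfer,2023.1.6
sftp03,MOVEit Transfer,2022.1.4
gw01,MOVEit Gateway,2024.0.0
"""


def report(inventory_csv):
    """Parse host,product,version lines and return
    (host, product, version, vulnerable, fixed_version) per host."""
    rows = []
    lines = [ln for ln in inventory_csv.splitlines() if ln.strip()]
    for line in lines[1:]:  # skip the header row
        host, product, version = (field.strip() for field in line.split(","))
        vulnerable, fixed = assess(product, version)
        rows.append((host, product, version, vulnerable, fixed))
    return rows


if __name__ == "__main__":
    for host, product, version, vulnerable, fixed in report(INVENTORY):
        status = f"VULNERABLE -> update to {fixed}" if vulnerable else "not affected"
        print(f"{host:8} {product:16} {version:10} {status}")
```

Only a version within an affected range is flagged; a version equal to the "before" bound (for example MOVEit Transfer 2023.0.11) is the fixed release and is reported as not affected, which matches how the advisory lists the ranges.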

Reference

Disclaimer : The information provided herein is on an “as is” basis, without warranty of any kind.

Sri Lanka Computer Emergency Readiness Team | Coordination Centre

Copyright © 2023 SRI LANKA CERT | CC