all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Multiple Vulnerabilities in Progress MOVEit Transfer Could Allow for Unauthorized Database Access

Add to bookmarks
July 8, 2023, 2:38 a.m. |

Center for Internet Security - Multi-State Information Sharing and Analysis Center www.cisecurity.org

Multiple vulnerabilities have been discovered in Progress Moveit Transfer, which could allow for unauthorized database access. MOVEit Transfer is a managed file transfer software that allows the enterprise to securely transfer files between business partners and customers using SFTP, SCP, and HTTP-based uploads. If successfully exploited, an attacker could gain unauthorized access to the database, potentially compromising confidential information, user credentials, and other sensitive data. This unauthorized access could also result in unauthorized modifications and disclosure of the database content.

access attacker business business partners customers database enterprise exploited file files file transfer http managed managed file transfer moveit moveit transfer partners progress scp sftp software transfer vulnerabilities

Visit resource

More from www.cisecurity.org / Center for Internet Security - Multi-State Information Sharing and Analysis Center

A Vulnerability in Check Point Security Gateways Could Allow for Credential Access 1 day, 11 hours ago | www.cisecurity.org
access block check check point +16
Multiple Vulnerabilities in Google Chrome Could Allow for Arbitrary Code Execution 2 days, 4 hours ago | www.cisecurity.org
arbitrary code arbitrary code execution chrome code +7
Multiple Vulnerabilities in LenelS2 NetBox Could Allow for Arbitrary Code Execution 2 days, 9 hours ago | www.cisecurity.org
access access control arbitrary code arbitrary code execution +14
Multiple Vulnerabilities in Fortinet FortiSIEM Could Allow for Remote Code Execution 3 days, 10 hours ago | www.cisecurity.org
analysis awareness code code execution +17
A Vulnerability in Google Chrome Could Allow for Arbitrary Code Execution 1 week, 1 day ago | www.cisecurity.org
access arbitrary code arbitrary code execution browser +12
A Vulnerability in GitHub Enterprise Server (GHES) Could Allow for Authentication Bypass 1 week, 2 days ago | www.cisecurity.org
applications authentication authentication bypass automate +23
A Vulnerability in SolarWinds Access Rights Manager Could Allow for Privilege Escalation 2 weeks, 3 days ago | www.cisecurity.org
access access rights account attacker +14
Multiple Vulnerabilities in Google Chrome Could Allow for Arbitrary Code Execution 2 weeks, 3 days ago | www.cisecurity.org
arbitrary code arbitrary code execution chrome code +7
Multiple Vulnerabilities in Mozilla Products Could Allow for Arbitrary Code Execution 2 weeks, 4 days ago | www.cisecurity.org
access arbitrary code arbitrary code execution browser +17

Jobs in InfoSec / Cybersecurity

Post a Job Search Talent

CyberSOC Technical Lead

@ Integrity360 | Sandyford, Dublin, Ireland
View on infosec-jobs.com

Cyber Security Strategy Consultant

@ Capco | New York City
View on infosec-jobs.com

Cyber Security Senior Consultant

@ Capco | Chicago, IL
View on infosec-jobs.com

Sr. Product Manager

@ MixMode | Remote, US
View on infosec-jobs.com

Corporate Intern - Information Security (Year Round)

@ Associated Bank | US WI Remote
View on infosec-jobs.com

Senior Offensive Security Engineer

@ CoStar Group | US-DC Washington, DC
View on infosec-jobs.com