Progress MOVEit Transfer has a privilege escalation...
Unreviewed
Published
Jun 16, 2023
to the GitHub Advisory Database
•
Updated Nov 9, 2023
Description
Published by the National Vulnerability Database
Jun 16, 2023
Published to the GitHub Advisory Database
Jun 16, 2023
Last updated
Nov 9, 2023
Progress MOVEit Transfer has a privilege escalation vulnerability that can be addressed with DLL drop-in version 2023.0.3 (15.0.3) and other specific fixed versions (stated below). The availability date of fixed versions of the DLL drop-in is earlier than the availability date of fixed versions of the full installer. The specific weakness and impact details will be mentioned in a later update to this CVE Record. These are fixed versions of the DLL drop-in: 2020.1.10 (12.1.10), 2021.0.8 (13.0.8), 2021.1.6 (13.1.6), 2022.0.6 (14.0.6), 2022.1.7 (14.1.7), and 2023.0.3 (15.0.3).
References