CVE-2024-5806

Critical

Improper Authentication vulnerability in Progress MOVEit Transfer (SFTP module) can lead to Authentication Bypass.This issue affects MOVEit…

ProgressSoftware·CWE-287·Published 2024-06-25

CVSS

9.8

EPSS

0.76

KEV

Exploits

Vendor statements (1)

community.progress.com

cve.orgen

243 chars

Improper Authentication vulnerability in Progress MOVEit Transfer (SFTP module) can lead to Authentication Bypass.This issue affects MOVEit Transfer: from 2023.0.0 before 2023.0.11, from 2023.1.0 before 2023.1.6, from 2024.0.0 before 2024.0.2.

NVDes

272 chars

Vulnerabilidad de autenticación incorrecta en Progress MOVEit Transfer (módulo SFTP) puede provocar una omisión de autenticación. Este problema afecta a MOVEit Transfer: desde 2023.0.0 antes de 2023.0.11, desde 2023.1.0 antes de 2023.1.6, desde 2024.0.0 antes de 2024.0.2.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
3.1	Primary	NVD	9.8	3.9	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
3.1	Primary	cve.org	9.1	—	—	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
3.1	Secondary	NVD	9.1	3.9	5.2	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N