PT-2017-16941 · Ipswitch · Ipswitch Moveit File Transfer+1

Publicado

2017-05-18

Atualizado

2017-05-26

CVE-2017-6195

CVSS v3.1

9.8

Crítica

Vetor

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Ipswitch MOVEit Transfer versions prior to 2017 9.0.0.201 Ipswitch MOVEit DMZ versions prior to 8.3.0.30 Ipswitch MOVEit DMZ versions prior to 8.2.0.20

Description The issue allows for pre-authentication blind SQL injection.

Recommendations For Ipswitch MOVEit Transfer versions prior to 2017 9.0.0.201, update to version 2017 9.0.0.201 or later. For Ipswitch MOVEit DMZ versions prior to 8.3.0.30, update to version 8.3.0.30 or later. For Ipswitch MOVEit DMZ versions prior to 8.2.0.20, update to version 8.2.0.20 or later.

Correção

SQL injection

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-89

Identificadores relacionados

CVE-2017-6195

Produtos afetados

Ipswitch Moveit Dmz

Ipswitch Moveit File Transfer

PT-2017-16941 · Ipswitch · Ipswitch Moveit File Transfer+1

CVE-2017-6195

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 4