PT-2026-1522 · Progress · Moveit Transfer

Publicado

2026-01-06

·

Atualizado

2026-02-03

·

CVE-2025-11235

CVSS v3.1

7.5

Alta

VetorAV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Name of the Vulnerable Software and Affected Versions Progress MOVEit Transfer versions 2022.0.0 through 2022.0.10 Progress MOVEit Transfer versions 2022.1.0 through 2022.1.11 Progress MOVEit Transfer versions 2023.0.0 through 2023.0.8 Progress MOVEit Transfer versions 2023.1.0 through 2023.1.3
Description An unverified password change issue exists in the REST API modules of Progress MOVEit Transfer on Windows. The issue allows for potential unauthorized password modifications.
Recommendations Update Progress MOVEit Transfer versions prior to 2022.1.11. Update Progress MOVEit Transfer versions prior to 2023.0.8. Update Progress MOVEit Transfer versions prior to 2023.1.3.

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-620

Identificadores relacionados

CVE-2025-11235

Produtos afetados

Moveit Transfer