CVE-2023-36933

Name of the Vulnerable Software and Affected Versions MOVEit Transfer versions prior to 2021.0.9 (13.0.9) MOVEit Transfer versions prior to 2021.1.7 (13.1.7) MOVEit Transfer versions prior to 2022.0.7 (14.0.7) MOVEit Transfer versions prior to 2022.1.8 (14.1.8) MOVEit Transfer versions prior to 2023.0.4 (15.0.4)

Description The issue is related to an incorrect implementation of a sequence of actions in the Progress MOVEit Transfer software, which can be exploited by a remote attacker to cause a denial of service. This can be achieved by invoking a method that results in an unhandled exception, causing the MOVEit Transfer application to terminate unexpectedly.

Recommendations For versions prior to 2021.0.9 (13.0.9), update to version 2021.0.9 (13.0.9) or later. For versions prior to 2021.1.7 (13.1.7), update to version 2021.1.7 (13.1.7) or later. For versions prior to 2022.0.7 (14.0.7), update to version 2022.0.7 (14.0.7) or later. For versions prior to 2022.1.8 (14.1.8), update to version 2022.1.8 (14.1.8) or later. For versions prior to 2023.0.4 (15.0.4), update to version 2023.0.4 (15.0.4) or later.