PT-2024-19605 · Ipswitch · Moveit Transfer
Hackerone: Interl0Per · Published 2024-03-20 · Updated 2025-01-16
CVE-2024-2291
CVSS v3.1: 4.3 (Medium)
Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Name of the Vulnerable Software and Affected Versions
MOVEit Transfer versions prior to 2022.0.11 (14.0.11)
MOVEit Transfer versions prior to 2022.1.12 (14.1.12)
MOVEit Transfer versions prior to 2023.0.9 (15.0.9)
MOVEit Transfer versions prior to 2023.1.4 (15.1.4)
Description
A logging bypass issue has been discovered, allowing an authenticated user to manipulate a request and bypass the logging mechanism within the web application. This results in user activity not being logged properly.
Recommendations
For versions prior to 2022.0.11 (14.0.11), update to version 2022.0.11 (14.0.11) or later.
For versions prior to 2022.1.12 (14.1.12), update to version 2022.1.12 (14.1.12) or later.
For versions prior to 2023.0.9 (15.0.9), update to version 2023.0.9 (15.0.9) or later.
For versions prior to 2023.1.4 (15.1.4), update to version 2023.1.4 (15.1.4) or later.
Affected Products
Moveit Transfer