PT-2025-47528 · Progress · Moveit Transfer
Alex Achs
+3
·
Published
2025-11-15
·
Updated
2025-11-21
·
CVE-2025-13147
CVSS v3.1
5.3
Medium
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Progress MOVEit Transfer versions prior to 2024.1.8
Progress MOVEit Transfer versions 2025.0.0 through 2025.0.3
Description
A Server-Side Request Forgery (SSRF) vulnerability exists in Progress MOVEit Transfer. This type of issue allows an attacker to make requests on behalf of the server, potentially accessing internal resources or performing actions with the server's privileges.
Recommendations
Update Progress MOVEit Transfer to version 2024.1.8 or later.
Update Progress MOVEit Transfer to version 2025.0.4 or later.
Fix
SSRF
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Moveit Transfer