Statements (27)
Predicate | Object |
---|---|
gptkbp:instanceOf |
cybersecurity vulnerability
|
gptkbp:affects |
gptkb:MOVEit_Transfer
|
gptkbp:exploits |
Cl0p ransomware group
|
gptkbp:hasAttackVector |
gptkb:network_protocol
|
gptkbp:hasAuthenticationRequired |
none
|
gptkbp:hasCVEID |
gptkb:CVE-2023-34362
|
gptkbp:hasCVSSScore |
9.8
|
gptkbp:hasCWE |
gptkb:CWE-89
|
gptkbp:hasMitreDescription |
MOVEit Transfer SQL injection vulnerability allows unauthenticated attackers to gain access to the MOVEit Transfer database.
|
gptkbp:hasPatchAvailable |
true
|
gptkbp:hasPublicExploit |
true
|
gptkbp:hasSeverity |
critical
|
gptkbp:hasType |
SQL injection
|
gptkbp:hasVendorAdvisory |
https://community.progress.com/s/article/MOVEit-Transfer-Critical-Vulnerability-31May2023
|
https://www.w3.org/2000/01/rdf-schema#label |
CVE-2023-34362
|
gptkbp:influencedBy |
data exfiltration
unauthorized access |
gptkbp:isAssignedToVendor |
gptkb:Progress_Software
|
gptkbp:isExploitedInTheWild |
true
|
gptkbp:isPartOfCampaign |
Cl0p ransomware attacks
|
gptkbp:isPatched |
true
|
gptkbp:referencedIn |
https://www.progress.com/moveit
https://nvd.nist.gov/vuln/detail/CVE-2023-34362 https://www.cisa.gov/news-events/alerts/2023/06/02/critical-vulnerability-moveit-transfer-exploited |
gptkbp:wasDisclosedOn |
2023-05-31
|
gptkbp:bfsParent |
gptkb:MOVEit
|
gptkbp:bfsLayer |
6
|