Statements (27)
| Predicate | Object |
|---|---|
| gptkbp:instanceOf |
cybersecurity vulnerability
|
| gptkbp:affects |
gptkb:MOVEit_Transfer
|
| gptkbp:exploits |
Cl0p ransomware group
|
| gptkbp:hasAttackVector |
gptkb:network_protocol
|
| gptkbp:hasAuthenticationRequired |
none
|
| gptkbp:hasCVEID |
gptkb:CVE-2023-34362
|
| gptkbp:hasCVSSScore |
9.8
|
| gptkbp:hasCWE |
gptkb:CWE-89
|
| gptkbp:hasMitreDescription |
MOVEit Transfer SQL injection vulnerability allows unauthenticated attackers to gain access to the MOVEit Transfer database.
|
| gptkbp:hasPatchAvailable |
true
|
| gptkbp:hasPublicExploit |
true
|
| gptkbp:hasSeverity |
critical
|
| gptkbp:hasType |
SQL injection
|
| gptkbp:hasVendorAdvisory |
https://community.progress.com/s/article/MOVEit-Transfer-Critical-Vulnerability-31May2023
|
| https://www.w3.org/2000/01/rdf-schema#label |
CVE-2023-34362
|
| gptkbp:influencedBy |
data exfiltration
unauthorized access |
| gptkbp:isAssignedToVendor |
gptkb:Progress_Software
|
| gptkbp:isExploitedInTheWild |
true
|
| gptkbp:isPartOfCampaign |
Cl0p ransomware attacks
|
| gptkbp:isPatched |
true
|
| gptkbp:referencedIn |
https://www.progress.com/moveit
https://nvd.nist.gov/vuln/detail/CVE-2023-34362 https://www.cisa.gov/news-events/alerts/2023/06/02/critical-vulnerability-moveit-transfer-exploited |
| gptkbp:wasDisclosedOn |
2023-05-31
|
| gptkbp:bfsParent |
gptkb:MOVEit
|
| gptkbp:bfsLayer |
6
|