Statements (23)
Predicate | Object |
---|---|
gptkbp:instanceOf |
CVE Identifier
|
gptkbp:affects |
gptkb:MOVEit_Transfer
|
gptkbp:availabilityImpact |
High
|
gptkbp:complexity |
Low
|
gptkbp:confidentialityImpact |
High
|
gptkbp:cvssV3Score |
9.8
|
gptkbp:describes |
MOVEit Transfer before 2021.0.6, 2022.0.6, and 2023.0.1 allows unauthenticated attackers to gain access to the application database via a crafted request.
|
gptkbp:exploits |
gptkb:SQL_Injection
|
gptkbp:hasCWE |
gptkb:CWE-288
|
https://www.w3.org/2000/01/rdf-schema#label |
CVE-2023-35036
|
gptkbp:integrityImpact |
High
|
gptkbp:interface |
nan
|
gptkbp:mainVendors |
gptkb:Progress_Software
|
gptkbp:patchedBy |
2021.0.6
2022.0.6 2023.0.1 |
gptkbp:privileges |
nan
|
gptkbp:publicationDate |
2023-06-09
|
gptkbp:referencedIn |
https://nvd.nist.gov/vuln/detail/CVE-2023-35036
https://community.progress.com/s/article/MOVEit-Transfer-Critical-Vulnerability-31May2023 |
gptkbp:vectorFor |
gptkb:network_protocol
|
gptkbp:bfsParent |
gptkb:MOVEit
|
gptkbp:bfsLayer |
6
|