Statements (23)
| Predicate | Object |
|---|---|
| gptkbp:instanceOf |
CVE Identifier
|
| gptkbp:affects |
gptkb:MOVEit_Transfer
|
| gptkbp:availabilityImpact |
High
|
| gptkbp:complexity |
Low
|
| gptkbp:confidentialityImpact |
High
|
| gptkbp:cvssV3Score |
9.8
|
| gptkbp:describes |
MOVEit Transfer before 2021.0.6, 2022.0.6, and 2023.0.1 allows unauthenticated attackers to gain access to the application database via a crafted request.
|
| gptkbp:exploits |
gptkb:SQL_Injection
|
| gptkbp:hasCWE |
gptkb:CWE-288
|
| https://www.w3.org/2000/01/rdf-schema#label |
CVE-2023-35036
|
| gptkbp:integrityImpact |
High
|
| gptkbp:interface |
nan
|
| gptkbp:mainVendors |
gptkb:Progress_Software
|
| gptkbp:patchedBy |
2021.0.6
2022.0.6 2023.0.1 |
| gptkbp:privileges |
nan
|
| gptkbp:publicationDate |
2023-06-09
|
| gptkbp:referencedIn |
https://nvd.nist.gov/vuln/detail/CVE-2023-35036
https://community.progress.com/s/article/MOVEit-Transfer-Critical-Vulnerability-31May2023 |
| gptkbp:vectorFor |
gptkb:network_protocol
|
| gptkbp:bfsParent |
gptkb:MOVEit
|
| gptkbp:bfsLayer |
6
|