Home
LOW: 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:NDefault status
unaffected
2025.1.0 (semver) before 2025.1.3
affected
Any version before 2025.0.7
affected
Description
Limited authentication bypass by spoofing vulnerability in Progress MOVEit Transfer (HTTPS module). This issue affects MOVEit Transfer: before 2025.0.7, from 2025.1.0 before 2025.1.3.
Problem types
CWE-290 Authentication bypass by spoofing
Product status
2025.1.0 (semver) before 2025.1.3
Any version before 2025.0.7
Credits
Niv Levy
References
docs.progress.com/...tes-2026/page/Fixed-Issues-in-2026.html