First published: Thu Aug 05 2021(Updated: )
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Progress MOVEit Transfer | <2019.0.7 | |
Progress MOVEit Transfer | >=2019.1<2019.1.6 | |
Progress MOVEit Transfer | >=2019.2<2019.2.3 | |
Progress MOVEit Transfer | >=2020.0<2020.0.6 | |
Progress MOVEit Transfer | >=2020.1<2020.1.5 | |
Progress MOVEit Transfer | >=2021.0<2021.0.3 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this vulnerability is CVE-2021-37614.
The severity of CVE-2021-37614 is high with a severity value of 8.8.
The affected software versions for CVE-2021-37614 are Progress MOVEit Transfer versions before 2021.0.3 (aka 13.0.3).
An authenticated remote attacker can exploit CVE-2021-37614 by performing SQL injection in the MOVEit Transfer web application to gain access to the database.
To fix CVE-2021-37614, users should upgrade to Progress MOVEit Transfer version 2021.0.3 (aka 13.0.3) or later.