CVE-2024-2291

Summary

CVE-2024-2291 is a logging bypass vulnerability that affects In Progress MOVEit Transfer versions released before 2022.0.11 (14.0.11), 2022.1.12 (14.1.12), 2023.0.9 (15.0.9), and 2023.1.4 (15.1.4). This vulnerability allows an authenticated user to manipulate a request and bypass the logging mechanism in the web application, resulting in user activity not being properly logged. The risk score for this vulnerability is 5, with a base severity of MEDIUM and a base score of 4.3 according to the CVE description provided by [email protected]. The exploitability score is 2.8, and the potential impact includes low integrity impact and no confidentiality impact or availability impact as per the CVSS:3.1 vector string provided in the analysis description. Note: The provided text lacks specific details on how to remediate the vulnerability or potential dangers it poses to an organization, which limits the information that can be included in the report's paragraph summary.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.