CVE-2024-2291

CVSS 3.1 Score 4.3 of 10 (medium)

Details

Published Mar 20, 2024
CWE ID 778

Summary

CVE-2024-2291 is a logging bypass vulnerability that affects In Progress MOVEit Transfer versions released before 2022.0.11 (14.0.11), 2022.1.12 (14.1.12), 2023.0.9 (15.0.9), and 2023.1.4 (15.1.4). This vulnerability allows an authenticated user to manipulate a request and bypass the logging mechanism in the web application, resulting in user activity not being properly logged. The risk score for this vulnerability is 5, with a base severity of MEDIUM and a base score of 4.3 according to the CVE description provided by security@progress.com. The exploitability score is 2.8, and the potential impact includes low integrity impact and no confidentiality impact or availability impact as per the CVSS:3.1 vector string provided in the analysis description.

Note: The provided text lacks specific details on how to remediate the vulnerability or potential dangers it poses to an organization, which limits the information that can be included in the report's paragraph summary.

Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2024-2291 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options