CVE-2015-7675 (GCVE-0-2015-7675)
Vulnerability from cvelistv5 – Published: 2016-02-10 15:00 – Updated: 2024-08-06 07:58
VLAI
EPSS
VEX
Summary
The "Send as attachment" feature in Ipswitch MOVEit DMZ before 8.2 and MOVEit Mobile before 1.2.2 allow remote authenticated users to bypass authorization and read uploaded files via a valid FileID in the (1) serverFileIds parameter to mobile/sendMsg or (2) arg01 parameter to human.aspx.
Severity
6.5 (Medium)
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| http://seclists.org/fulldisclosure/2016/Jan/95 | mailing-listx_refsource_FULLDISC |
| http://docs.ipswitch.com/MOVEit/DMZ82/ReleaseNote… | x_refsource_CONFIRM |
| http://packetstormsecurity.com/files/135457/Ipswi… | x_refsource_MISC |
| https://www.profundis-labs.com/advisories/CVE-201… | x_refsource_MISC |
Date Public
2015-10-20 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T07:58:59.795Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20160127 Multiple security issues in MOVEit Managed File Transfer application",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2016/Jan/95"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://docs.ipswitch.com/MOVEit/DMZ82/ReleaseNotes/MOVEitReleaseNotes82.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/135457/Ipswitch-MOVEit-DMZ-8.1-Authorization-Bypass.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.profundis-labs.com/advisories/CVE-2015-7675.txt"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-10-20T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The \"Send as attachment\" feature in Ipswitch MOVEit DMZ before 8.2 and MOVEit Mobile before 1.2.2 allow remote authenticated users to bypass authorization and read uploaded files via a valid FileID in the (1) serverFileIds parameter to mobile/sendMsg or (2) arg01 parameter to human.aspx."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-02-10T12:57:02.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20160127 Multiple security issues in MOVEit Managed File Transfer application",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2016/Jan/95"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://docs.ipswitch.com/MOVEit/DMZ82/ReleaseNotes/MOVEitReleaseNotes82.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/135457/Ipswitch-MOVEit-DMZ-8.1-Authorization-Bypass.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.profundis-labs.com/advisories/CVE-2015-7675.txt"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-7675",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The \"Send as attachment\" feature in Ipswitch MOVEit DMZ before 8.2 and MOVEit Mobile before 1.2.2 allow remote authenticated users to bypass authorization and read uploaded files via a valid FileID in the (1) serverFileIds parameter to mobile/sendMsg or (2) arg01 parameter to human.aspx."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20160127 Multiple security issues in MOVEit Managed File Transfer application",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2016/Jan/95"
},
{
"name": "http://docs.ipswitch.com/MOVEit/DMZ82/ReleaseNotes/MOVEitReleaseNotes82.pdf",
"refsource": "CONFIRM",
"url": "http://docs.ipswitch.com/MOVEit/DMZ82/ReleaseNotes/MOVEitReleaseNotes82.pdf"
},
{
"name": "http://packetstormsecurity.com/files/135457/Ipswitch-MOVEit-DMZ-8.1-Authorization-Bypass.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/135457/Ipswitch-MOVEit-DMZ-8.1-Authorization-Bypass.html"
},
{
"name": "https://www.profundis-labs.com/advisories/CVE-2015-7675.txt",
"refsource": "MISC",
"url": "https://www.profundis-labs.com/advisories/CVE-2015-7675.txt"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2015-7675",
"datePublished": "2016-02-10T15:00:00.000Z",
"dateReserved": "2015-10-02T00:00:00.000Z",
"dateUpdated": "2024-08-06T07:58:59.795Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2015-7675",
"date": "2026-07-12",
"epss": "0.03111",
"percentile": "0.86254"
},
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ipswitch:moveit_dmz:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"8.1\", \"matchCriteriaId\": \"C8C09B13-29FD-4A22-A77F-83B9434DBE33\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ipswitch:moveit_mobile:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"1.2.0.962\", \"matchCriteriaId\": \"B93E8747-D8C0-4FBC-BD74-B3A7FC391CD3\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"The \\\"Send as attachment\\\" feature in Ipswitch MOVEit DMZ before 8.2 and MOVEit Mobile before 1.2.2 allow remote authenticated users to bypass authorization and read uploaded files via a valid FileID in the (1) serverFileIds parameter to mobile/sendMsg or (2) arg01 parameter to human.aspx.\"}, {\"lang\": \"es\", \"value\": \"La funcionalidad \\\"Send as attachment\\\" en Ipswitch MOVEit DMZ en versiones anteriores a 8.2 y MOVEit Mobile en versiones anteriores a 1.2.2 permite a usuarios remotos autenticados eludir la autorizaci\\u00f3n y leer archivos cargados a trav\\u00e9s de un FileID v\\u00e1lido en el par\\u00e1metro (1) serverFileIds en mobile/sendMsg o (2) arg01 en human.aspx.\"}]",
"id": "CVE-2015-7675",
"lastModified": "2024-11-21T02:37:11.887",
"metrics": "{\"cvssMetricV30\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.0\", \"vectorString\": \"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N\", \"baseScore\": 6.5, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 2.8, \"impactScore\": 3.6}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:S/C:P/I:N/A:N\", \"baseScore\": 4.0, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"SINGLE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"NONE\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 8.0, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false}]}",
"published": "2016-02-10T15:59:00.100",
"references": "[{\"url\": \"http://docs.ipswitch.com/MOVEit/DMZ82/ReleaseNotes/MOVEitReleaseNotes82.pdf\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://packetstormsecurity.com/files/135457/Ipswitch-MOVEit-DMZ-8.1-Authorization-Bypass.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Exploit\"]}, {\"url\": \"http://seclists.org/fulldisclosure/2016/Jan/95\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://www.profundis-labs.com/advisories/CVE-2015-7675.txt\", \"source\": \"cve@mitre.org\", \"tags\": [\"Exploit\"]}, {\"url\": \"http://docs.ipswitch.com/MOVEit/DMZ82/ReleaseNotes/MOVEitReleaseNotes82.pdf\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://packetstormsecurity.com/files/135457/Ipswitch-MOVEit-DMZ-8.1-Authorization-Bypass.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\"]}, {\"url\": \"http://seclists.org/fulldisclosure/2016/Jan/95\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://www.profundis-labs.com/advisories/CVE-2015-7675.txt\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\"]}]",
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-200\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2015-7675\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2016-02-10T15:59:00.100\",\"lastModified\":\"2026-05-06T22:30:45.220\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The \\\"Send as attachment\\\" feature in Ipswitch MOVEit DMZ before 8.2 and MOVEit Mobile before 1.2.2 allow remote authenticated users to bypass authorization and read uploaded files via a valid FileID in the (1) serverFileIds parameter to mobile/sendMsg or (2) arg01 parameter to human.aspx.\"},{\"lang\":\"es\",\"value\":\"La funcionalidad \\\"Send as attachment\\\" en Ipswitch MOVEit DMZ en versiones anteriores a 8.2 y MOVEit Mobile en versiones anteriores a 1.2.2 permite a usuarios remotos autenticados eludir la autorizaci\u00f3n y leer archivos cargados a trav\u00e9s de un FileID v\u00e1lido en el par\u00e1metro (1) serverFileIds en mobile/sendMsg o (2) arg01 en human.aspx.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N\",\"baseScore\":6.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.8,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:S/C:P/I:N/A:N\",\"baseScore\":4.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"SINGLE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-200\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ipswitch:moveit_dmz:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"8.1\",\"matchCriteriaId\":\"C8C09B13-29FD-4A22-A77F-83B9434DBE33\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ipswitch:moveit_mobile:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"1.2.0.962\",\"matchCriteriaId\":\"B93E8747-D8C0-4FBC-BD74-B3A7FC391CD3\"}]}]}],\"references\":[{\"url\":\"http://docs.ipswitch.com/MOVEit/DMZ82/ReleaseNotes/MOVEitReleaseNotes82.pdf\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://packetstormsecurity.com/files/135457/Ipswitch-MOVEit-DMZ-8.1-Authorization-Bypass.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\"]},{\"url\":\"http://seclists.org/fulldisclosure/2016/Jan/95\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://www.profundis-labs.com/advisories/CVE-2015-7675.txt\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\"]},{\"url\":\"http://docs.ipswitch.com/MOVEit/DMZ82/ReleaseNotes/MOVEitReleaseNotes82.pdf\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://packetstormsecurity.com/files/135457/Ipswitch-MOVEit-DMZ-8.1-Authorization-Bypass.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\"]},{\"url\":\"http://seclists.org/fulldisclosure/2016/Jan/95\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://www.profundis-labs.com/advisories/CVE-2015-7675.txt\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\"]}]}}"
}
}
Loading…
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…