CVE-2024-0396 (GCVE-0-2024-0396)

Vulnerability from cvelistv5 – Published: 2024-01-17 15:56 – Updated: 2024-11-13 19:52
VLAI?
Summary
In Progress MOVEit Transfer versions released before 2022.0.10 (14.0.10), 2022.1.11 (14.1.11), 2023.0.8 (15.0.8), 2023.1.3 (15.1.3), an input validation issue was discovered. An authenticated user can manipulate a parameter in an HTTPS transaction. The modified transaction could lead to computational errors within MOVEit Transfer and potentially result in a denial of service.
Severity ?
7.1 (High)
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
CWE
  • CWE-20 - Improper Input Validation
Assigner
References
Impacted products
Vendor Product Version
Progress Software Corporation MOVEit Transfer Affected: 2022.0.0 (14.0.0) , < 2022.0.10 (14.0.10) (semver)
Affected: 2022.1.0 (14.1.0) , < 2022.1.11 (14.1.11) (semver)
Affected: 2023.0.0 (15.0.0) , < 2023.0.8 (15.0.8) (semver)
Affected: 2023.1.0 (15.1.0) , < 2023.1.3 (15.1.3) (semver)
Create a notification for this product.
Credits
HackerOne: p-v-p
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T18:04:49.919Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "product",
              "x_transferred"
            ],
            "url": "https://www.progress.com/moveit"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://community.progress.com/s/article/MOVEit-Transfer-Service-Pack-January-2024"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-0396",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-01-23T20:58:50.772488Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-13T19:52:11.923Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "affected",
          "product": "MOVEit Transfer",
          "vendor": "Progress Software Corporation",
          "versions": [
            {
              "lessThan": "2022.0.10 (14.0.10)",
              "status": "affected",
              "version": "2022.0.0 (14.0.0)",
              "versionType": "semver"
            },
            {
              "lessThan": "2022.1.11 (14.1.11)",
              "status": "affected",
              "version": "2022.1.0 (14.1.0)",
              "versionType": "semver"
            },
            {
              "lessThan": "2023.0.8 (15.0.8)",
              "status": "affected",
              "version": "2023.0.0 (15.0.0)",
              "versionType": "semver"
            },
            {
              "lessThan": "2023.1.3 (15.1.3)",
              "status": "affected",
              "version": "2023.1.0 (15.1.0)",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "user": "00000000-0000-4000-9000-000000000000",
          "value": "HackerOne: p-v-p"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\n\nIn Progress MOVEit Transfer versions released before 2022.0.10 (14.0.10), 2022.1.11 (14.1.11), 2023.0.8 (15.0.8), 2023.1.3 (15.1.3), an input validation issue was discovered.  An authenticated user can manipulate a parameter in an HTTPS transaction.  The modified transaction could lead to computational errors within MOVEit Transfer and potentially result in a denial of service.\n\n"
            }
          ],
          "value": "\nIn Progress MOVEit Transfer versions released before 2022.0.10 (14.0.10), 2022.1.11 (14.1.11), 2023.0.8 (15.0.8), 2023.1.3 (15.1.3), an input validation issue was discovered.  An authenticated user can manipulate a parameter in an HTTPS transaction.  The modified transaction could lead to computational errors within MOVEit Transfer and potentially result in a denial of service.\n\n"
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-113",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-113 API Manipulation"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-20",
              "description": "CWE-20 Improper Input Validation",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-01-17T15:58:24.651Z",
        "orgId": "f9fea0b6-671e-4eea-8fde-31911902ae05",
        "shortName": "ProgressSoftware"
      },
      "references": [
        {
          "tags": [
            "product"
          ],
          "url": "https://www.progress.com/moveit"
        },
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://community.progress.com/s/article/MOVEit-Transfer-Service-Pack-January-2024"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Missing Server-Side Input Validation in HTTP Parameter",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f9fea0b6-671e-4eea-8fde-31911902ae05",
    "assignerShortName": "ProgressSoftware",
    "cveId": "CVE-2024-0396",
    "datePublished": "2024-01-17T15:56:41.390Z",
    "dateReserved": "2024-01-10T13:12:29.565Z",
    "dateUpdated": "2024-11-13T19:52:11.923Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:progress:moveit_transfer:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"2022.0.10\", \"matchCriteriaId\": \"B392A9C3-723E-48B9-83F9-C020A3FA4A88\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:progress:moveit_transfer:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"2022.1.0\", \"versionEndExcluding\": \"2022.1.11\", \"matchCriteriaId\": \"E4327F71-29F5-42BE-BB63-55912ACD82F7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:progress:moveit_transfer:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"2023.0.1\", \"versionEndExcluding\": \"2023.0.8\", \"matchCriteriaId\": \"8D751E70-646C-4CB4-92A5-A53EB0505025\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:progress:moveit_transfer:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"2023.1.0\", \"versionEndExcluding\": \"2023.1.3\", \"matchCriteriaId\": \"E05648FB-598C-4884-BDFC-6C16C7152016\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"\\nIn Progress MOVEit Transfer versions released before 2022.0.10 (14.0.10), 2022.1.11 (14.1.11), 2023.0.8 (15.0.8), 2023.1.3 (15.1.3), an input validation issue was discovered.  An authenticated user can manipulate a parameter in an HTTPS transaction.  The modified transaction could lead to computational errors within MOVEit Transfer and potentially result in a denial of service.\\n\\n\"}, {\"lang\": \"es\", \"value\": \"En las versiones de Progress MOVEit Transfer lanzadas antes de 2022.0.10 (14.0.10), 2022.1.11 (14.1.11), 2023.0.8 (15.0.8), 2023.1.3 (15.1.3), se descubri\\u00f3 un problema de validaci\\u00f3n de entrada. Un usuario autenticado puede manipular un par\\u00e1metro en una transacci\\u00f3n HTTPS. La transacci\\u00f3n modificada podr\\u00eda provocar errores computacionales dentro de MOVEit Transfer y potencialmente resultar en una denegaci\\u00f3n de servicio.\"}]",
      "id": "CVE-2024-0396",
      "lastModified": "2024-11-21T08:46:29.587",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"security@progress.com\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H\", \"baseScore\": 7.1, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"LOW\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 2.8, \"impactScore\": 4.2}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H\", \"baseScore\": 7.1, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"LOW\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 2.8, \"impactScore\": 4.2}]}",
      "published": "2024-01-17T16:15:46.623",
      "references": "[{\"url\": \"https://community.progress.com/s/article/MOVEit-Transfer-Service-Pack-January-2024\", \"source\": \"security@progress.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://www.progress.com/moveit\", \"source\": \"security@progress.com\", \"tags\": [\"Product\"]}, {\"url\": \"https://community.progress.com/s/article/MOVEit-Transfer-Service-Pack-January-2024\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://www.progress.com/moveit\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Product\"]}]",
      "sourceIdentifier": "security@progress.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"security@progress.com\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-20\"}]}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"NVD-CWE-noinfo\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2024-0396\",\"sourceIdentifier\":\"security@progress.com\",\"published\":\"2024-01-17T16:15:46.623\",\"lastModified\":\"2024-11-21T08:46:29.587\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"\\nIn Progress MOVEit Transfer versions released before 2022.0.10 (14.0.10), 2022.1.11 (14.1.11), 2023.0.8 (15.0.8), 2023.1.3 (15.1.3), an input validation issue was discovered.  An authenticated user can manipulate a parameter in an HTTPS transaction.  The modified transaction could lead to computational errors within MOVEit Transfer and potentially result in a denial of service.\\n\\n\"},{\"lang\":\"es\",\"value\":\"En las versiones de Progress MOVEit Transfer lanzadas antes de 2022.0.10 (14.0.10), 2022.1.11 (14.1.11), 2023.0.8 (15.0.8), 2023.1.3 (15.1.3), se descubri\u00f3 un problema de validaci\u00f3n de entrada. Un usuario autenticado puede manipular un par\u00e1metro en una transacci\u00f3n HTTPS. La transacci\u00f3n modificada podr\u00eda provocar errores computacionales dentro de MOVEit Transfer y potencialmente resultar en una denegaci\u00f3n de servicio.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security@progress.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H\",\"baseScore\":7.1,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":4.2},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H\",\"baseScore\":7.1,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":4.2}]},\"weaknesses\":[{\"source\":\"security@progress.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-20\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:progress:moveit_transfer:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2022.0.10\",\"matchCriteriaId\":\"B392A9C3-723E-48B9-83F9-C020A3FA4A88\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:progress:moveit_transfer:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2022.1.0\",\"versionEndExcluding\":\"2022.1.11\",\"matchCriteriaId\":\"E4327F71-29F5-42BE-BB63-55912ACD82F7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:progress:moveit_transfer:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2023.0.1\",\"versionEndExcluding\":\"2023.0.8\",\"matchCriteriaId\":\"8D751E70-646C-4CB4-92A5-A53EB0505025\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:progress:moveit_transfer:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2023.1.0\",\"versionEndExcluding\":\"2023.1.3\",\"matchCriteriaId\":\"E05648FB-598C-4884-BDFC-6C16C7152016\"}]}]}],\"references\":[{\"url\":\"https://community.progress.com/s/article/MOVEit-Transfer-Service-Pack-January-2024\",\"source\":\"security@progress.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.progress.com/moveit\",\"source\":\"security@progress.com\",\"tags\":[\"Product\"]},{\"url\":\"https://community.progress.com/s/article/MOVEit-Transfer-Service-Pack-January-2024\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.progress.com/moveit\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Product\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://www.progress.com/moveit\", \"tags\": [\"product\", \"x_transferred\"]}, {\"url\": \"https://community.progress.com/s/article/MOVEit-Transfer-Service-Pack-January-2024\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-01T18:04:49.919Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-0396\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-01-23T20:58:50.772488Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-11-13T19:52:08.413Z\"}}], \"cna\": {\"title\": \"Missing Server-Side Input Validation in HTTP Parameter\", \"source\": {\"discovery\": \"UNKNOWN\"}, \"credits\": [{\"lang\": \"en\", \"type\": \"finder\", \"user\": \"00000000-0000-4000-9000-000000000000\", \"value\": \"HackerOne: p-v-p\"}], \"impacts\": [{\"capecId\": \"CAPEC-113\", \"descriptions\": [{\"lang\": \"en\", \"value\": \"CAPEC-113 API Manipulation\"}]}], \"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7.1, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H\", \"integrityImpact\": \"LOW\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"NONE\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"Progress Software Corporation\", \"product\": \"MOVEit Transfer\", \"versions\": [{\"status\": \"affected\", \"version\": \"2022.0.0 (14.0.0)\", \"lessThan\": \"2022.0.10 (14.0.10)\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"2022.1.0 (14.1.0)\", \"lessThan\": \"2022.1.11 (14.1.11)\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"2023.0.0 (15.0.0)\", \"lessThan\": \"2023.0.8 (15.0.8)\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"2023.1.0 (15.1.0)\", \"lessThan\": \"2023.1.3 (15.1.3)\", \"versionType\": \"semver\"}], \"defaultStatus\": \"affected\"}], \"references\": [{\"url\": \"https://www.progress.com/moveit\", \"tags\": [\"product\"]}, {\"url\": \"https://community.progress.com/s/article/MOVEit-Transfer-Service-Pack-January-2024\", \"tags\": [\"vendor-advisory\"]}], \"x_generator\": {\"engine\": \"Vulnogram 0.1.0-dev\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"\\nIn Progress MOVEit Transfer versions released before 2022.0.10 (14.0.10), 2022.1.11 (14.1.11), 2023.0.8 (15.0.8), 2023.1.3 (15.1.3), an input validation issue was discovered.  An authenticated user can manipulate a parameter in an HTTPS transaction.  The modified transaction could lead to computational errors within MOVEit Transfer and potentially result in a denial of service.\\n\\n\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"\\n\\nIn Progress MOVEit Transfer versions released before 2022.0.10 (14.0.10), 2022.1.11 (14.1.11), 2023.0.8 (15.0.8), 2023.1.3 (15.1.3), an input validation issue was discovered.  An authenticated user can manipulate a parameter in an HTTPS transaction.  The modified transaction could lead to computational errors within MOVEit Transfer and potentially result in a denial of service.\\n\\n\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-20\", \"description\": \"CWE-20 Improper Input Validation\"}]}], \"providerMetadata\": {\"orgId\": \"f9fea0b6-671e-4eea-8fde-31911902ae05\", \"shortName\": \"ProgressSoftware\", \"dateUpdated\": \"2024-01-17T15:58:24.651Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2024-0396\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-11-13T19:52:11.923Z\", \"dateReserved\": \"2024-01-10T13:12:29.565Z\", \"assignerOrgId\": \"f9fea0b6-671e-4eea-8fde-31911902ae05\", \"datePublished\": \"2024-01-17T15:56:41.390Z\", \"assignerShortName\": \"ProgressSoftware\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.