Technologyglobal✓ verified · 95%

Progress MOVEit Transfer SQL Injection Vulnerability

Name: Progress MOVEit Transfer SQL Injection Vulnerability
Start: 2023-06-02
Location: Global (internet)

When: 2023-06-02 00:00 UTC · day precision
Where: Global (internet)
Category: cyber_exploit · ransomware

Progress MOVEit Transfer contains a SQL injection vulnerability that could allow an unauthenticated attacker to gain unauthorized access to MOVEit Transfer's database. Depending on the database engine being used (MySQL, Microsoft SQL Server, or Azure SQL), an attacker may be able to infer information about the structure and contents of the database in addition to executing SQL statements that alter or delete database elements.

Sources

CISA ↗ · first seen 2023-06-02 00:00 UTC

Defaxon links out to the original reporting and never republishes article text.

Correlated events

Computed by the Defaxon correlation engine — linked by shared actors, co-location, and temporal proximity. Scored hypotheses, never causal claims.

No correlated events found in the current window. As more events arrive, connections form automatically.

← Back to the live map