otx.alienvault.com
Open in
urlscan Pro
13.32.121.87
Public Scan
URL:
https://otx.alienvault.com/pulse/648075655dea5621190d8e57
Submission: On June 07 via api from US — Scanned from DE
Submission: On June 07 via api from US — Scanned from DE
Form analysis 0 forms found in the DOM
Text Content
× * Browse * Scan Endpoints * Create Pulse * Submit Sample * API Integration * Login | Sign Up All * Login | Sign Up * Share Actions Subscribers (233347) Suggest Edit Clone Embed Download Report Spam CVE-2023-34362: MOVEIT TRANSFER SQL INJECTION VULNERABILITY THREAT BRIEF * Created 43 minutes ago by AlienVault * Public * TLP: White On May 31, Progress Software posted a notification alerting customers of a critical Structured Query Language injection (SQLi) vulnerability (CVE-2023-34362) in their MOVEit Transfer product. MOVEit Transfer is a managed file transfer (MFT) application intended to provide secure collaboration and automated file transfers of sensitive data. In all cases the vulnerability was being exploited to upload a web shell onto the MOVEit Transfer server. The web shell also allowed threat actors to enumerate files and folders on the MOVEit Transfer server, read configuration information, download files, and create or delete MOVEit server user accounts. Reference: https://unit42.paloaltonetworks.com/threat-brief-moveit-cve-2023-34362/ Tags: cl0p, moveit transfer, cve202334362, cortex xdr, moveit, SQLi Malware Family: Cl0p Att&ck IDs: T1027 - Obfuscated Files or Information , T1210 - Exploitation of Remote Services , T1516 - Input Injection , T1083 - File and Directory Discovery , T1098 - Account Manipulation Endpoint Security Scan your endpoints for IOCs from this Pulse! Learn more * Indicators of Compromise (60) * Related Pulses (5) * Comments (0) * History (0) CVE (1)FileHash-SHA256 (41)FileHash-MD5 (9)FileHash-SHA1 (9) TYPES OF INDICATORS Show 10 25 50 100 entries Search: type indicator Role title Added Active related Pulses FileHash-SHA256fe5f8388ccea7c548d587d1e2843921c038a9f4ddad3cb03f3aa8a45c29c6a2fJun 7, 2023, 12:17:42 PM4 FileHash-SHA256f994063b9fea6e4b401ee542f6b6d8d6d3b9e5082b5313adbd02c55dc6b4feb7Jun 7, 2023, 12:17:42 PM1 FileHash-SHA256f3543cd16de13214124bd7c91033c3cd3bbcf6587871257e699fd89df96fd86fJun 7, 2023, 12:17:42 PM1 FileHash-SHA256f0d85b65b9f6942c75271209138ab24a73da29a06bc6cc4faeddcb825058c09dJun 7, 2023, 12:17:42 PM2 FileHash-SHA256ea433739fb708f5d25c937925e499c8d2228bf245653ee89a6f3d26a5fd00b7aJun 7, 2023, 12:17:42 PM2 FileHash-SHA256e8012a15b6f6b404a33f293205b602ece486d01337b8b3ec331cd99ccadb562eJun 7, 2023, 12:17:42 PM3 FileHash-SHA256de4ad0052c273649e0aca573e30c55576f5c1de7d144d1d27b5d4808b99619cdJun 7, 2023, 12:17:42 PM1 FileHash-SHA256daaa102d82550f97642887514093c98ccd51735e025995c2cc14718330a856f4Jun 7, 2023, 12:17:42 PM2 FileHash-SHA256d49cf23d83b2743c573ba383bf6f3c28da41ac5f745cde41ef8cd1344528c195Jun 7, 2023, 12:17:42 PM4 FileHash-SHA256d477ec94e522b8d741f46b2c00291da05c72d21c359244ccb1c211c12b635899Jun 7, 2023, 12:17:42 PM2 SHOWING 1 TO 10 OF 60 ENTRIES 1 2 3 4 5 ... 6 Next COMMENTS You must be logged in to leave a comment. Refresh Comments * © Copyright 2023 AlienVault, Inc. * Legal * Status