CVE-2015-7675
medium
CVSS v3
6.5
VIR risk
6.5
Description
The "Send as attachment" feature in Ipswitch MOVEit DMZ before 8.2 and MOVEit Mobile before 1.2.2 allows remote authenticated users to bypass authorization and read uploaded files via a valid FileID in the (1) serverFileIds parameter to mobile/sendMsg or (2) arg01 parameter to human.aspx.
Predictions
Exploit likelihood
75%
Patch ETA
—
Heuristic predictions, AS-IS, for prioritization only.
Mitigations
No vendor mitigations are listed for this CVE; see the references list below.
Application impact
| Vendor | Product | Versions | Fixed |
|---|---|---|---|
| ipswitch | moveit_dmz | up to and including 8.1 | |
| ipswitch | moveit_mobile | up to and including 1.2.0.962 | |
References
- http://docs.ipswitch.com/MOVEit/DMZ82/ReleaseNotes/MOVEitReleaseNotes82.pdf
- http://packetstormsecurity.com/files/135457/Ipswitch-MOVEit-DMZ-8.1-Authorization-Bypass.html
- http://seclists.org/fulldisclosure/2016/Jan/95
- https://www.profundis-labs.com/advisories/CVE-2015-7675.txt
CWEs
CWE-200