CVE

CVE-2015-7677 (moveit_dmz)

admin

CVE-2015-7677 (moveit_dmz)

The MOVEitISAPI service in Ipswitch MOVEit DMZ before 8.2 provides different error messages depending on whether a FileID exists, which allows remote authenticated users to enumerate FileIDs via the X-siLock-FileID parameter in a download action to MOVEitISAPI/MOVEitISAPI.dll.
Source: CVE-2015-7677 (moveit_dmz)

Exit mobile version