CVE-2023-6218 Information

Description

In Progress MOVEit Transfer versions released before 2022.0.9 (14.0.9) 2022.1.10 (14.1.10) 2023.0.7 (15.0.7) a privilege escalation path associated with group administrators has been identified.  It is possible for a group administrator to elevate a group members permissions to the role of an organization administrator.

Reference

https://www.progress.com/moveit https://community.progress.com/s/article/MOVEit-Transfer-Service-Pack-November-2023