CVE-2024-4563

🔶 medium

The Progress MOVEit Automation configuration export function prior to 2024.0.0 uses a cryptographic method with insufficient bit length.

CVSS Score

6.1

Medium

EPSS Score

0.1

Exploit Probability

Published Date

2024-05-22

First Seen: 2026-01-05

This CVE is Lower Risk - more severe than 38.8% of all 330,193 vulnerabilities in our database.

#202,011

Below average severity

Severity Percentile

🔍 Exploitation Status

None

No known exploits

⚙️ Automatable

Requires human interaction

💥 Technical Impact

Partial

Limited system impact

🏆 Discovered By

HackerOne - mnigma

SSVC data provided by CISA

Last Modified 2025-01-08

Source NVD 🔗

CVSS Vector 3.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N

CWE IDs (Weakness Types)

CWE-327

📦 Affected Products 1

Vendor	Product	Status	Affected Versions
progress	moveit_automation	Affected	< 2024.0.0

Vendor Advisory

https://www.progress.com/moveit

Product

CVE ID	Severity	CVSS	EPSS	Summary	Published
CVE-2026-8485	🔶 medium	5.9	0.0	Uncontrolled Memory Allocation vulnerability in Progress Software MOVEit Automation allows Excessive Allocation. This i...	2026-05-20
CVE-2026-8486	🔶 medium	5.3	0.2	Allocation of resources without limits or throttling vulnerability in Progress Software MOVEit Automation allows Floodin...	2026-05-20
CVE-2026-8487	🔶 medium	6.5	0.1	Incorrect default permissions vulnerability in Progress Software MOVEit Automation allows Retrieve Embedded Sensitive Da...	2026-05-20
CVE-2026-8488	🔶 medium	4.3	0.2	Allocation of resources without limits or throttling vulnerability in Progress Software MOVEit Automation allows Excessi...	2026-05-20
CVE-2026-4670	⛔ critical	9.8	0.2	Authentication bypass by primary weakness vulnerability in Progress Software MOVEit Automation allows Authentication Byp...	2026-04-30
CVE-2026-5174	⚠️ high	7.7	0.1	Improper input validation vulnerability in Progress Software MOVEit Automation allows Privilege Escalation. This issue ...	2026-04-30

These CVEs affect the same products