February 2020 Scheduled Maintenance
Scheduled Maintenance Report for Progress MOVEit Cloud
Maintenance is now complete.

MOVEit Cloud North America - Cluster 1 servers were successfully upgraded to 2019.2 and all testing was successful.

Thank you,
The MOVEit Cloud Team
Posted Feb 16, 2020 - 16:27 CST
In progress
Scheduled maintenance is currently in progress. We will provide updates as necessary.
Posted Feb 16, 2020 - 15:00 CST
2019.2 release notes for the upcoming MOVEIt Cloud upgrade

What's New:

MOVEit Transfer 2019.2 features customer and partner-requested fixes and user wins along with expanded REST API capabilities for power-users and system integrators.

* Improved JavaScript Wizard. All users enjoy a better upload and download experience through the Web UI.
* Better Control of Large File Uploads. Pause or resume large, timed out, or failed file uploads.
* Manage Contacts List with REST API. Get or manage contacts for org users with short scripts or RESTful applications (/api/v1/contacts).
* Chunked File Upload Added to REST API. Use this option to avoid hitting web server chunk size constraints.
* Resumable File Upload Available through the REST API. Resume partial or interrupted uploads. (POST /api/v1/folders/{folderId}/files?uploadType=resumable). Upload ordered parts until the final chunk.
* Get User Quota Information. Return a folderQuota name-value pair when you get user information (/api/v1/users/{Id}).
* Return Folder List Permissions for a User with REST API. Return and filter folders according to users that can access or modify them.
* Filter users that have accessed or not accessed folders using the REST API. Reduce a list of folders based on users that have already or never accessed folder contents (files and packages) using the REST API.
* Copy a Folder with the REST API. Copy a folder or use a boilerplate folder as a template using the new REST API /api/v1/folders/{Id}/copy endpoint.
* Move a File or Folder with the REST API. Move a folder using the new REST API /api/v1/files/{Id}/move /api/v1/folders/{Id}/move endpoint.
* Get MOVEit Transfer Server Version with REST API. Authorized users can get the MOVEit Transfer Server version and build (/api/v1/serverinfo).
* ActiveX Wizard Deprecated. Encourage users to leverage the native upload and download capability (also referred to as the JavaScript wizard).
* Org Administrator Controls for ActiveX Wizard Have Changed. With the featured improvements to the JavaScript Wizard, the Org Admin controls for the deprecated ActiveX Wizard were streamlined.

Fixed Issues:

ID Category Fixed Issue
* MIDMZ-15307 MOVEit Authenticator/MFA Fixed an issue for MOVEit Transfer users running/using Duo Authenticator App to sign-on when using mobile-enabled Multi-factor Authentication (MFA).
* MIDMZ-11756 Web UI Fixed issue where folders were not populating in JavaScript Wizard when run on Internet Explorer.
* MIDMZ-14365 Web UI Style and spacing issue resolved in the Password section of the User Add page.
* MIDMZ-14437 Web UI Fixed case where admins of very large deployments experienced a usability issue when very large user (drop down) list did not display in a way that scaled to the very large result set (Settings->Auth Method).
* MIDMZ-14871 Live View Fixed case where in Web Farm deployment pattern, load balancer IP address displayed in Live View dashboard rather than host IP of the Web Farm node.
* MIDMZ-14902 Web UI User with no home folder no longer has a non-functional Home Folder quick link on User Home view.
* MIDMZ-15210 Upload Fixed a case where JavaScript wizard upload returned Server Error.
* MIDMZ-15296 Web UI Group and Username field of folder permissions box is now expandable.
* MIDMZ-15071 REST API Fixed REST API subfolder cleanup capability.
* MIDMZ-15550 Web UI Fixed an issue where Group Admin did not have permissions to create user if the user did not have a home folder.
* MIDMZ-15441 Status Server (XferStatusServer) Fixed XferStatusServer resource utilization issue observed for cases where Webfarm deployment pattern is used.
* MIDMZ-15558 Security CVE-2019-16383. We fixed an authentication and authorization bypass vulnerability discovered during third-party testing. Credit: Aviv Beniash.
* MIDMZ-15584 Web UI Fixed issue where JSWizard would attempt to upload to user's home folder for users with no home folder.
* MIDMZ-15588 Swagger UI Upgraded to newer version of Swagger UI with patch for a detected XSS vulnerability.
* MIDMZ-15213/MIDMZ-15190 Web UI setting Fixed scenario where session timeout did not reset to expected value.
* MIDMZ-15214 Web UI Fixed a style issue that could obscure Add Access button when Admins used the Folder settings page for the specific case where Max List Count is set to less than the number of users in the Org.
* MIDMZ-449 LDAP Authentication Hardened LDAP authentication fallback conditions. See the Administrator Guide for details.
* MIDMZ-16058 Security CVE-2020-8612 REST API endpoint failed to adequately sanitize malicious input which could allow an authenticated attacker to execute arbitrary code in a victim's browser.
* MIDMZ-16066, MIDMZ-16071, MIDMZ-16069 Security CVE-2020-8611 Multiple SQL Injection vulnerabilities have been found in the REST API that could allow an authenticated attacker to gain unauthorized access to MOVEit Transfer's database. Depending on the database engine being used (MySQL, Microsoft SQL Server, or Azure SQL), an attacker may be able to infer information about the structure and contents of the database in addition to executing SQL statements which alter or destroy database elements.

Known Issues:

* MIDMZ-16010 Package Upload Package upload does not complete if client session expiry timer elapses (and Send Immediately after Upload option is not checked).
Use the Send Immediately after Upload option when uploading large package files.
Posted Dec 05, 2019 - 10:44 CST
We will be upgrading MOVEit Cloud North America - Cluster 1 servers on February 16th to version 2019.2. Please plan on these servers being offline for most or all of the maintenance window for the upgrade.

* Please note that the test server has already been upgraded to the new version, so customers who've purchased a test server Org can start their testing.
Posted Dec 02, 2019 - 09:15 CST
This scheduled maintenance affected: North America - Cluster 1, North America - Cluster 2, and Europe - Cluster 1.