PT-2024-12837 · Progress · Progress Application Server (PAS) for OpenEdge

Published: 2024-01-18 · Updated: 2024-01-26 · CVE-2023-40052

CVSS v3.1: 7.5 (High)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions

Progress Application Server (PAS) for OpenEdge versions 11.7 prior to 11.7.18
Progress Application Server (PAS) for OpenEdge versions 12.2 prior to 12.2.13
Progress Application Server (PAS) for OpenEdge innovation releases prior to 12.8.0

Description

This issue allows an attacker to crash a PASOE agent with a malformed web request, potentially disrupting the thread activities of many web application clients. Multiple attacks could lead to a flood of invalid requests, overwhelming the server's ability to process valid requests.

Recommendations

For versions 11.7 prior to 11.7.18, update to version 11.7.18 or later.
For versions 12.2 prior to 12.2.13, update to version 12.2.13 or later.
For innovation releases prior to 12.8.0, update to version 12.8.0 or later.

Fix

Buffer Overflow

Weakness Enumeration

Related Identifiers

CVE-2023-40052

Affected Products

Progress Application Server (PAS) for OpenEdge