PT-2024-33092 · Progress · Progress Telerik Report Server
Christian Kuersteiner
·
Published
2024-05-15
·
Updated
2025-01-16
·
CVE-2024-4837
CVSS v3.1
5.3
Medium
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Progress Telerik Report Server versions 10.0.24.305 or earlier
Description
The issue allows an unauthenticated attacker to gain access to restricted functionality in Progress Telerik Report Server via a trust boundary violation. This can occur when the software is used on IIS.
Recommendations
For versions 10.0.24.305 or earlier, update to a version later than 10.0.24.305 to resolve the issue.
Fix
Information Disclosure
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Progress Telerik Report Server