PT-2024-5211 · Telerik · Telerik Report Server

Published: 2024-07-24 · Updated: 2024-08-15 · CVE-2024-6327

CVSS v3.1: 9.9 (Critical)
Vector: AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: Progress Telerik Report Server versions prior to 2024 Q2 (10.1.24.709)
Description: An insecure deserialization vulnerability in Telerik Report Server allows a remote attacker to execute arbitrary code. This poses a significant risk to data and systems.
Recommendations: For versions prior to 2024 Q2 (10.1.24.709), update to version 2024 Q2 (10.1.24.709) or later to resolve the issue. As a temporary workaround, restrict access to the deserialization mechanism to reduce the risk of exploitation.

Fix

Weakness Enumeration: Deserialization of Untrusted Data

Related Identifiers: BDU:2024-05772, CVE-2024-6327

Affected Products: Telerik Report Server