CVE-2024-1403
CVSS V2 None
CVSS V3 None
Description
In OpenEdge Authentication Gateway and AdminServer prior to 11.7.19, 12.2.14, 12.8.1 on all platforms supported by the OpenEdge product, an authentication bypass vulnerability has been identified. The
vulnerability is a bypass to authentication based on a failure to properly
handle username and password. Certain unexpected
content passed into the credentials can lead to unauthorized access without proper
authentication.
Overview
- CVE ID
- CVE-2024-1403
- Assigner
- ProgressSoftware
- Vulnerability Status
- PUBLISHED
- Published Version
- 2024-02-27T15:39:54.850Z
- Last Modified Date
- 2024-02-27T15:39:54.850Z
Weakness Enumerations
References
| Reference URL | Reference Tags |
|---|---|
| https://www.progress.com/openedge | product |
| https://community.progress.com/s/article/Important-Critical-Alert-for-OpenEdge-Authentication-Gateway-and-AdminServer | vendor-advisory |
Sources
| Source Name | Source URL |
|---|---|
| NIST | https://nvd.nist.gov/vuln/detail/CVE-2024-1403 |
| MITRE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1403 |
History
| Created | Old Value | New Value | Data Type | Notes |
|---|---|---|---|---|
| 2024-06-26 06:36:40 | Added to TrackCVE |