CVE-2024-4358
CVSS V2 None
CVSS V3 None
Description
In Progress Telerik Report Server, version 2024 Q1 (10.0.24.305) or earlier, on IIS, an unauthenticated attacker can gain access to Telerik Report Server restricted functionality via an authentication bypass vulnerability.
Overview
- CVE ID
- CVE-2024-4358
- Assigner
- ProgressSoftware
- Vulnerability Status
- PUBLISHED
- Published Version
- 2024-05-29T14:51:21.612Z
- Last Modified Date
- 2024-06-14T13:56:15.546Z
Weakness Enumerations
References
| Reference URL | Reference Tags |
|---|---|
| https://docs.telerik.com/report-server/knowledge-base/registration-auth-bypass-cve-2024-4358 |
Sources
| Source Name | Source URL |
|---|---|
| NIST | https://nvd.nist.gov/vuln/detail/CVE-2024-4358 |
| MITRE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-4358 |
History
| Created | Old Value | New Value | Data Type | Notes |
|---|---|---|---|---|
| 2024-06-23 22:05:13 | Added to TrackCVE |