CVE-2024-4358 - OpenCVE

In Progress Telerik Report Server, version 2024 Q1 (10.0.24.305) or earlier, on IIS, an unauthenticated attacker can gain access to Telerik Report Server restricted functionality via an authentication bypass vulnerability.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Telerik	Report Server 2024

Configuration 1 [-]

cpe:2.3:a:telerik:report_server_2024:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://docs.telerik.com/report-server/knowledge-base/registration-auth-bypass-cve-2024-4358

History

No history.

MITRE

Status: PUBLISHED

Assigner: ProgressSoftware

Published: 2024-05-29T14:51:21.612Z

Updated: 2024-08-01T20:40:46.999Z

Reserved: 2024-04-30T17:34:38.695Z

Link: CVE-2024-4358

Vulnrichment

Updated: 2024-08-01T20:40:46.999Z

NVD

Status : Analyzed

Published: 2024-05-29T15:16:06.477

Modified: 2024-06-14T17:59:33.993

Link: CVE-2024-4358

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-4358", "assignerOrgId": "f9fea0b6-671e-4eea-8fde-31911902ae05", "state": "PUBLISHED", "assignerShortName": "ProgressSoftware", "dateReserved": "2024-04-30T17:34:38.695Z", "datePublished": "2024-05-29T14:51:21.612Z", "dateUpdated": "2024-08-01T20:40:46.999Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "platforms": ["Windows"], "product": "Telerik Report Server", "vendor": "Progress Software Corporation", "versions": [{"lessThan": "10.1.24.514", "status": "affected", "version": "1.0.0", "versionType": "semver"}]}], "credits": [{"lang": "en", "type": "finder", "value": "Sina Kheirkhah (@SinSinology) of Summoning Team (@SummoningTeam) working with Trend Micro Zero Day Initiative"}], "datePublic": "2024-05-29T14:00:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "In Progress Telerik Report Server, version 2024 Q1 (10.0.24.305) or earlier, on IIS, an unauthenticated attacker can gain access to Telerik Report Server restricted functionality via an authentication bypass vulnerability."}], "value": "In Progress Telerik Report Server, version 2024 Q1 (10.0.24.305) or earlier, on IIS, an unauthenticated attacker can gain access to Telerik Report Server restricted functionality via an authentication bypass vulnerability."}], "impacts": [{"capecId": "CAPEC-115", "descriptions": [{"lang": "en", "value": "CAPEC-115 Authentication Bypass"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-290", "description": "CWE-290 Authentication Bypass by Spoofing", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "f9fea0b6-671e-4eea-8fde-31911902ae05", "shortName": "ProgressSoftware", "dateUpdated": "2024-05-29T14:51:21.612Z"}, "references": [{"url": "https://docs.telerik.com/report-server/knowledge-base/registration-auth-bypass-cve-2024-4358"}], "source": {"discovery": "UNKNOWN"}, "title": "Registration Authentication Bypass Vulnerability", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"affected": [{"vendor": "progress_software", "product": "telerik_report_server", "cpes": ["cpe:2.3:a:progress_software:telerik_report_server:1.0.0.0:*:*:*:*:*:*:*"], "defaultStatus": "unaffected", "versions": [{"version": "1.0.0.0", "status": "affected", "lessThan": "10.1.24.514", "versionType": "custom"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-06-14T13:56:10.408308Z", "id": "CVE-2024-4358", "options": [{"Exploitation": "active"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}, {"other": {"type": "kev", "content": {"dateAdded": "2024-06-13", "reference": "https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-14T13:56:15.546Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T20:40:46.999Z"}, "title": "CVE Program Container", "references": [{"url": "https://docs.telerik.com/report-server/knowledge-base/registration-auth-bypass-cve-2024-4358", "tags": ["x_transferred"]}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://docs.telerik.com/report-server/knowledge-base/registration-auth-bypass-cve-2024-4358", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T20:40:46.999Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-4358", "role": "CISA Coordinator", "options": [{"Exploitation": "active"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-06-14T13:56:10.408308Z"}}}, {"other": {"type": "kev", "content": {"dateAdded": "2024-06-13", "reference": "https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json"}}}], "affected": [{"cpes": ["cpe:2.3:a:progress_software:telerik_report_server:1.0.0.0:*:*:*:*:*:*:*"], "vendor": "progress_software", "product": "telerik_report_server", "versions": [{"status": "affected", "version": "1.0.0.0", "lessThan": "10.1.24.514", "versionType": "custom"}], "defaultStatus": "unaffected"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-05-30T15:45:02.281Z"}}], "cna": {"title": "Registration Authentication Bypass Vulnerability", "source": {"discovery": "UNKNOWN"}, "credits": [{"lang": "en", "type": "finder", "value": "Sina Kheirkhah (@SinSinology) of Summoning Team (@SummoningTeam) working with Trend Micro Zero Day Initiative"}], "impacts": [{"capecId": "CAPEC-115", "descriptions": [{"lang": "en", "value": "CAPEC-115 Authentication Bypass"}]}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Progress Software Corporation", "product": "Telerik Report Server", "versions": [{"status": "affected", "version": "1.0.0", "lessThan": "10.1.24.514", "versionType": "semver"}], "platforms": ["Windows"], "defaultStatus": "unaffected"}], "datePublic": "2024-05-29T14:00:00.000Z", "references": [{"url": "https://docs.telerik.com/report-server/knowledge-base/registration-auth-bypass-cve-2024-4358"}], "x_generator": {"engine": "Vulnogram 0.1.0-dev"}, "descriptions": [{"lang": "en", "value": "In Progress Telerik Report Server, version 2024 Q1 (10.0.24.305) or earlier, on IIS, an unauthenticated attacker can gain access to Telerik Report Server restricted functionality via an authentication bypass vulnerability.", "supportingMedia": [{"type": "text/html", "value": "In Progress Telerik Report Server, version 2024 Q1 (10.0.24.305) or earlier, on IIS, an unauthenticated attacker can gain access to Telerik Report Server restricted functionality via an authentication bypass vulnerability.", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-290", "description": "CWE-290 Authentication Bypass by Spoofing"}]}], "providerMetadata": {"orgId": "f9fea0b6-671e-4eea-8fde-31911902ae05", "shortName": "ProgressSoftware", "dateUpdated": "2024-05-29T14:51:21.612Z"}}}, "cveMetadata": {"cveId": "CVE-2024-4358", "state": "PUBLISHED", "dateUpdated": "2024-08-01T20:40:46.999Z", "dateReserved": "2024-04-30T17:34:38.695Z", "assignerOrgId": "f9fea0b6-671e-4eea-8fde-31911902ae05", "datePublished": "2024-05-29T14:51:21.612Z", "assignerShortName": "ProgressSoftware"}, "dataVersion": "5.1"}

{"cisaActionDue": "2024-07-04", "cisaExploitAdd": "2024-06-13", "cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "cisaVulnerabilityName": "Progress Telerik Report Server Authentication Bypass by Spoofing Vulnerability", "configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:telerik:report_server_2024:*:*:*:*:*:*:*:*", "matchCriteriaId": "4DAE2DE9-B18F-40F5-AFFB-2E85D34BAA18", "versionEndIncluding": "10.0.24.305", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In Progress Telerik Report Server, version 2024 Q1 (10.0.24.305) or earlier, on IIS, an unauthenticated attacker can gain access to Telerik Report Server restricted functionality via an authentication bypass vulnerability."}, {"lang": "es", "value": "En Progress Telerik Report Server, versi\u00f3n 2024 Q1 (10.0.24.305) o anterior, en IIS, un atacante no autenticado puede obtener acceso a la funcionalidad restringida de Telerik Report Server a trav\u00e9s de una vulnerabilidad de omisi\u00f3n de autenticaci\u00f3n."}], "id": "CVE-2024-4358", "lastModified": "2024-06-14T17:59:33.993", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "security@progress.com", "type": "Secondary"}]}, "published": "2024-05-29T15:16:06.477", "references": [{"source": "security@progress.com", "tags": ["Mitigation", "Vendor Advisory"], "url": "https://docs.telerik.com/report-server/knowledge-base/registration-auth-bypass-cve-2024-4358"}], "sourceIdentifier": "security@progress.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-290"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-290"}], "source": "security@progress.com", "type": "Secondary"}]}